Two years ago, Mozilla announced that Firefox would offer do-not-track headers that, theoretically, enable people to opt out of online behavioral advertising.
The headers don't actually block the tracking cookies that allow ad networks to determine which sites users visit and serve them personalized ads. But Mozilla -- and others, including the Federal Trade Commission -- clearly hoped that publishers and ad networks would honor the signals.
Instead, privacy advocates, industry representatives and computer scientists in the World Wide Web Consortium have spent much of the last two years debating the best way to respond to the signals. Privacy advocates say that ad networks should stop collecting information about the sites that users visit, if their do-not-track headers are turned on. Web companies say they're prepared to stop serving those users personalized ads, but still want to collect information about the sites they visit and the ads they see.
The upshot is that do-not-track headers, now offered by every major browser, remain purely symbolic.
Now, Mozilla is raising the stakes by announcing that its Firefox browser -- which accounts for around 20% of the desktop market -- will soon start blocking third-party tracking cookies by default. Privacy advocate Jonathan Mayer, a Stanford grad student and author of the new no-tracking patch, announced the move Friday on his blog. He said the patch will bring Firefox's settings closer to Safari's settings by blocking third parties that users have no relationship with, but not first parties.
Mozilla privacy head Alex Fowler confirmed today that the company plans to deploy Mayer's patch. "Many years of observing Safari’s approach to third party cookies, a rapidly expanding number of third party companies using cookies to track users, and strong user support for more control is driving our decision to move forward with this patch," he wrote.
At the same time, Fowler says the patch is only in what he calls a "very early developer build of Firefox," adding that it will undergo "Mozilla’s usual vetting process."
Privacy advocates and ad industry executives had very different reactions to the news.
Jeff Chester, a longtime privacy proponent, says that it shows Mozilla's "serious commitment" to addressing online profiling and privacy. He adds that the move shows that people are losing patience with the W3C's efforts to reach a consensus. "Browsers like Mozilla will try to take matters in their own hands," he says.
Chester adds that others are contemplating "countermeasures" to the ad industry -- including blocking technologies.
Not surprisingly, the ad industry isn't taking the news well. Stu Ingis, counsel to the self-regulatory group Digital Advertising Alliance, warns that the patch would "negatively impact the entire Internet ecosystem."
Ingis adds that he considers the patch merely a "proposal." But, he says, should it come about, the development "would be a horrible thing for consumers."
He says that the default settings would remove some anonymous click-stream data from the online ecosystem -- which, in turn, could result in a drop in the ad dollars that finance a good deal of online content. "Is everybody just going to work for free?" he asks.
Still, there's no question that many online ad companies view the prospect of cookie-blocking as a significant threat. Whether that will be enough to spur agreement on do-not-track headers remains to be seen.