Web Standards Group Will Miss July Deadline For Do-Not-Track Proposal
Swire certainly approached the task with optimism. One of his first official statements came in February, when he authored the blog post "Full Steam On Do Not Track," which called for the World Wide Web Consortium's tracking protection group to reach “last call” -- which means putting out a proposal for public comment -- by July.
But Swire told other members of the group this week that there is no longer any chance of meeting that timetable. “There is not a way to get to last call by the end of July,” Swire said, according to a draft transcript of a conference call that took place this week. “Next Wednesday, we will have a discussion about where we are and next steps.”
There is no reason why the group can't continue to work on the proposals. But at this point, the talks have turned so acrimonious that it seems unlikely the group will ever agree about how to handle do-not-track headers that are sent by browsers.
The headers originally were designed as a way for privacy-conscious users to opt out of online behavioral advertising. Every major browser now offers those headers, but they don't actually block tracking cookies. Instead, they send a signal to publishers and ad networks, which are free to react however they like.
The W3C's tracking protection group, made up of advocates, computer scientists and tech companies and ad industry representatives, has been trying to come up with standards to guide companies about how to interpret the headers. When the initiative started, everyone assumed that companies that encountered a do-not-track header (and wanted to respect it) would, at a minimum, stop serving ads to people based on their activity throughout the Web. Privacy advocates wanted the companies to go further and stop collecting data from those people. For many months, the main focus of debate centered on whether ad companies should be able to collect information from users who had turned on do-not-track and, if so, for what purposes.
But several weeks ago, the ad trade group Digital Advertising Alliance proposed a new interpretation of do-not-track. The DAA (and others) floated the idea that companies should take steps to “de-identify” some data when a consumer had turned on do-not-track, but continue serving behavioral ads to those consumers. The industry said that people who want to opt out of behavioral advertising could do so via the AdChoices icon, which takes people to a page where they can click on an opt-out link.
Swire and the other co-chair, Matthias Schunter, rejected that idea this week, writing that the ad industry's stance was “at odds with our chartered aims and the weight of group consensus.”
Ad groups aren't taking the rejection well. In the last two days, various ad industry representatives have demanded more information about how the co-chairs arrived at their decision. For example, the Interactive Advertising Bureau's general counsel Mike Zaneis said in an email to the group that the ad industry is seeking “some clarity as to the process and standards that are being applied to our work.”
But these procedural questions are beside the point. The W3C is not a court of law, and the co-chairs need not follow the same sorts of requirements as judges presiding over trials -- especially when trying to arrive at a consensus for voluntary standards.
Besides, the history of do-not-track makes it obvious that if the term has any meaning at all, it's that companies won't serve people ads based on their activity across the Web. After all, the entire concept originated with privacy groups, who proposed in 2007 that consumers should have a way to easily, and permanently, opt out of online behavioral targeting.