Commentary

Mozilla Questions IAB's Do-Not-Track Estimates

The Interactive Advertising Bureau's general counsel Mike Zaneis caused a stir last week when he said that around one in five Web users are sending do-not-track signals as they surf the Web.

Zaneis told the Internet standards group World Wide Web Consortium that the proportion of users with do-not-track signals had grown so high that the ad industry couldn't stop serving targeted ads to those people. The industry also believes that many of those signals are turned on by default, or by anti-virus software, and that the headers don't reflect users' actual preferences.

Today, Mozilla's privacy chief Alex Fowler asked for proof of the IAB's contention. “I'm seeing more and more claims of the proliferation of DNT:1 [do-not-track on] online, especially outside the browser context. Can someone point me to a published study or paper that makes this clear and the sources for these signals?” he said in public email to members of the World Wide Web Consortium's tracking protection group. “If we're going to consider this as a factor for which signals are OK and also as a justification for which path we follow, it would be helpful for the basis for this claim to be incontrovertible.”

As of Friday afternoon, no one had posted a public response to Fowler's question.

Also on Friday, members of the W3C began voting on the ad industry's proposal about how to interpret do-not-track signals. (The vote isn't binding on the W3C leadership, but gives the participants a chance to go on record with their objections to the various proposals.) The current industry view is that ad networks need not stop targeting people in response to do-not-track signals. Instead, the industry says that companies should practice “data hygiene” when faced with a do-not-track header. While the concept of data hygiene remains vague, one concrete proposal calls for companies to delete URLs of Web users, but retain information about the sites they visit.

Of course, that information can be extremely detailed -- and even more valuable to marketers than the URLs, which arguably are irrelevant without more context. Privacy advocate Jonathan Mayer makes this point in an email to members of the W3C. “The [ad industry] design misses the forest for the trees: There is nothing inherently problematic about URL data,” he writes. “Rather, privacy risks flow from what can be learned from URL data.”

For now, the privacy advocates and ad industry representatives seem hopelessly at odds with each other. But whatever the outcome of the current talks, it's worth noting that the browser manufacturers always have the option of preventing a prevalent form of tracking by blocking ad networks from setting cookies. Safari already does so by default, and Mozilla has said it intends to do so. In other words, ad networks might have no choice but to stop tracking Web users without their explicit consent, regardless of what happens at the W3C.

1 comment about "Mozilla Questions IAB's Do-Not-Track Estimates".
Check to receive email when comments are posted.
  1. Pete Austin from Fresh Relevance, July 15, 2013 at 4:59 a.m.

    The quote is, "My members seeing 20-25% of user base sending flag". This is incredibly weak, because it's not based on public data, it doesn't distinguish between always sending or sometimes sending, it's not clear what "user base" means, but mainly because it likely means "a few of my members" and people talking on this issue would be a self-selected group consisting of those who see a significant effect.

Next story loading loading..