Do Not Track

April 27th, 2011
donottrack, privacy
The do not track header is moving forward, with an initial draft released in march. The idea is that browsers could be set to send an "I opt out of tracking" header, and any server receiving the header would be supposed to refrain from third party tracking, where:
A third party is a functional entity with which the user does not reasonably expect to share data. In general advertising networks, analytics services, and social plug-in providers are third parties. (p6)
This is mostly fueled with concern about behavioral advertising. The way this currently works is that advertising networks track users from site to site and will try to show ads that are personalized for that user. This is a small fraction of advertising now, but as computers get faster and our capacity for storing and sorting through data grows, this could become very effective and profitable.

If this were to become a standard and the FTC were to make following it mandatory [1], the only sites that could still use behavioral advertising would be huge ones, possibly only google and facebook. Because third party advertising networks couldn't track users, only in-house systems like facebook's or google's (when applied to google) would be able to do it. This could lead to a big push towards consolidation and merging in a market that has historically been highly diverse and distributed, as small sites would get bought by larger sites with the goal of building an agglomeration large enough to do effective in-house behavioral advertising. This would make me sad.

How to fix this? The problem comes from using this "third party" distinction as an approximation of what users want. Users don't care whether they're being tracked on gmail by google's ad network or someone else's one. They care that some server is watching their online activity and deciding what ad to show based on what they've expressed interest in. A real solution would be to prohibit both first and third party tracking. Alternatively, we could decide we don't care.

[1] You could say that users would not be likely to turn "do not track" on in their browsers. I agree, they probably wouldn't, but I think browser companies would turn it on by default. Pop up blocking, another kind of advertising people found obnoxious, went from an opt-in thing to an opt-out thing after browser makers were convinced people would prefer it that way. I would expect this to follow the same path.

Comment via: facebook, substack

Recent posts on blogs I like:

Linkpost for July

Effective Altruism

via Thing of Things July 3, 2026

Agentic test processes, LLM benchmarks, and other notes on agentic coding from Galapagos Island

I've been using AI fairly heavily since last November and the whole thing is a funny experience. An agent will do something that, if a human did it, you'd immediately fire them. My reaction, of course, is to act as if this is great and spin up a t…

via Posts on July 3, 2026

Variable fonts aren't universally supported

I make a lot of webpages. I also use Lockdown Mode on iOS and MacOS for a bit of extra security. Sometimes I realize that I forgot to test on Safari and it looks like crap, or I test and don’t notice that there’s been a problem for months (as was the case…

via Home June 27, 2026

more     (via openring)