Or the risk of offending the biggest source of funding? Why does being tracked be the norm and you have to explicitly say don't track me? In real life you don't have to go to a government agency and register "I wish to not be stalked". What is wrong with saying it is the user's choice that they be tracked. Default is don't because that's how real life is.<p>(If you really really really care about a user's choice like you say you do then make the user make a choice. On first launch get the user's choice and refuse to work without being told what they'd prefer.)<p>Edit 1: I read the W3 draft on Do Not Track and seems like there is a section for "Explicit Consent Requirement".[0] Although whether the committee is influenced by corporation in way that the industry is tasked with policing itself is a different topic altogether.<p>Edit 2: Brain Smith from Mozilla responded with websites ignoring the flag if set by default. That's what Yahoo! did.[1] But that's the problem with any honor-based system.<p>[0] <a href="http://lists.w3.org/Archives/Public/public-tracking/2012Jun/att-0095/compromise-proposal-pde-tl-jm.html" rel="nofollow">http://lists.w3.org/Archives/Public/public-tracking/2012Jun/...</a>
[1] <a href="http://allthingsd.com/20121026/yahoo-dings-do-not-track-default-and-search-partner-microsoft/" rel="nofollow">http://allthingsd.com/20121026/yahoo-dings-do-not-track-defa...</a>
The problem with "Do Not Track" is that it is misnamed, and the entire debate has been misframed around that. The feature was dead in the water from the moment it was called that.<p>To the end user, the idea of being tracked sounds like being followed around by some stalker, and is about as enticing as having your home robbed. People, in general, don't understand either the bad (the extent to which web sites can build a deep profile on you) or the good (how much of the web that everyone loves is financed through targeted advertising). As such, how things are presented is tremendously important.<p>Imagine if it was called "Disable Ad Personalisation", or even, "Do Not Tip" where the notion of denying monetization to the web sites you use (which is what Do Not Track will do) is invoked. It would have a very different response, I think.
I think there's an easy solution to this: when one first launches Firefox (or another browser), it can prompt the user. Firefox already has a "know your rights" thing that comes up. Internet Explorer asks what search engine and other stuff you want to use. Having a "Do Not Track" option as part of that would be reasonable.<p>As for Mozilla and this letter, Do Not Track isn't legislated. Basically, it's a way for you to tell websites that you don't want to be tracked, but they have no obligation to follow your wishes. Some advertisers [citation needed] have indicated that they will follow Do Not Track if it's an opt-in system. A cursory search shows that Yahoo ignores the setting from IE10 because Microsoft made it a default (<a href="http://www.theregister.co.uk/2012/10/26/yahoo_to_ignore_ie10_do_not_track/" rel="nofollow">http://www.theregister.co.uk/2012/10/26/yahoo_to_ignore_ie10...</a>). As the article notes, the W3C says that Do Not Track should be opt-in.<p>So, on the one hand, advertisers seem to be saying "if Do Not Track is a default setting, it isn't a user choice and we'll ignore it." If Mozilla makes it a default, it doesn't help anyone. However, I think browser makers could call their bluff by making it a very apparent option when starting the web browser.<p>I think Do Not Track should be the norm. However, it isn't. The norm <i>is</i> tracking. Once a norm has been established, it's hard to replace it with a new norm. Cigarettes would never get approved for sale if they were invented/discovered today. If subways were a new invention, it seems like they would be built with walls preventing people from being pushed onto the tracks. But norms were established and it's hard to move away from them.<p>In this case, I think there's an easy solution: explicitly asking on first launch. Browsers already ask to be the default, some try to tell you about rights, some ask you about search engines, etc. Just add Do Not Track to that process. Then we explicitly have a user opinion on the matter.
I find this whole argument moot. DNT is binding neither in a legal nor in a technical sense. If you don't trust someone to handle your internet tracking history, why would you trust them to keep an informal promise, ESPECIALLY considering they have a get out of jail free card saying they accidently ignored your DNT header because they thought you were using IE 10?<p>Microsoft did right(for once) with making DNT default on IE. It exposes the DNT idea for what it is: Snake oil.
Do-Not-Track has been designed to represent the <i>explicit</i> choice of the user to not be tracked.
As per the DNT[1] draft :<p><pre><code> 6.2. User Interface RECOMMENDED
A user agent that implements Do Not Track SHOULD provide a user interface
for modifying preferences. The user interface design is left to the
user agent.
6.3. Default
A user agent MAY adopt NO-EXPRESSED-PREFERENCE or OPT-OUT by default.
It MUST NOT transmit OPT-IN without explicit user consent.
</code></pre>
Another important aspect, that I don't see mentioned much, is that DNT is only supposed to prevent third-party tracking. First-party remains unaffected.<p>[1] <a href="http://tools.ietf.org/html/draft-mayer-do-not-track-00" rel="nofollow">http://tools.ietf.org/html/draft-mayer-do-not-track-00</a>
Because it breaks websites. It blocked cookies for me on an FRAME (yes, I know) for a MasterCard SecureCode transaction for personal stuff on a local business site, and the website uses cookies to pass from one server to another and the transactions failed the following day when I enabled Do Not Track. Even companies like MasterCard cannot function with it enabled, how do we push smaller companies to get it done?
And this is why industry self-regulation will continue to fail.<p>Opt-out from privacy invasion is not sufficient. In Europe at least, it is politically and socially unacceptable that people have to opt-out. So as long as the industry comes up with half-assed protocols and self-regulation that is based on the assumption "we have the right to violate your privacy unless you stop us" instead of the other way around, this will continue to trigger ever stronger anti-tracking legislation.<p>And please don't think that the faltering so-called "cookie-law" will be the end of it. That was just the softest option, and just like with early anti-spam laws the industry chose to sabotage it instead of trying to make it work. I wouldn't be surprised if this ended with a full blown ban on any form of cross-site tracking.<p>Of course "do not <i>stalk</i>" should be the default. The whole notion that having your privacy violated by the marketing industry is somehow about individual choice is bullshit. It's as idiotic as "do not film me in the privacy of my own home" being opt-out and we're all Big Brother contestants by default.
This does not make any sense.<p>Mozilla is claiming they do not want to enforce a preference for the user, and instead would like the user to make the choice. But Mozilla has previously enforced their preference for a number of different features:<p>* Mozilla has disabled java plugins and silverlight in the past to protect their users (from security vulnerabilities).<p>* Mozilla has enforced their preference for blocked popup windows in the past to protect their users (from annoying content).<p>* Mozilla has enforced their preference for the handeling of cookies to protect their users (from privacy violations). <a href="https://blog.mozilla.org/privacy/2013/02/25/firefox-getting-smarter-about-third-party-cookies/" rel="nofollow">https://blog.mozilla.org/privacy/2013/02/25/firefox-getting-...</a><p>Why not disable tracking features to protect your users (from privacy violations)?<p>Their explanation does not make sense.
the problem is that Mozilla <i>introduced</i> do not track.<p>if they had both introduced the feature AND made it default, since following the hint is voluntary from the advertisement providers (ie server side decides to honor it or not), well, NONE would have followed it.<p>The situation with 3rd party cookies is different, because it's up to the client, not to the server side.<p>So, this has little to do with the Google search engine deal, in fact.
> We won’t turn on Do Not Track by default because then it would be Mozilla making the choice, not the individual.<p>I don't buy that. They are making a choice either way, whether they enable or disable it by default. Just like they are making a choice about the hundreds of other options Firefox has. A few examples of how Mozilla thinks:<p>> JavaScript enabled by default. Why? Developers and designers can do some really awesome websites with it and we want users to have that experience.<p>> SSL enabled by default. Why? It improves your security.<p>> Do Not Track disabled by default. Why? Because we don't want to fuck with the people who are paying us (i.e. Google).
I always wonder why people don't have the courage to mention the elephant in the room - that a very significant part of Mozilla's revenue comes from Google's ability to track Firefox browser users. That, at least, deserves a mention.
This is bs. I consider myself far more computer literate than the masses. Yet, I wasn't aware that the iOS safari had the capability of DNT. I accidentally found out about it while playing with the settings on my development device. DNT is a relatively new capability, which used to be handled with plugins such as Ghostery. Browser vendors should teach their users about this shiny new feature, otherwise it is practically useless, as it will not protect those who need it the most.
<i>We won’t turn on Do Not Track by default because then it would be Mozilla making the choice, not the individual.</i><p>That's just as true of leaving it turned off by default. What sort of idiots do you take us for?
Internet explorer has made any effect that DNT might have had completely useless. It's much more effective just to nuke the stuff locally with Ghostery.
That was 2011. While Mozilla still will not turn on DNT by default, they are now going to block most third-party cookies by default, which to a large extent has the same effect: <a href="https://blog.mozilla.org/privacy/2013/02/25/firefox-getting-smarter-about-third-party-cookies/" rel="nofollow">https://blog.mozilla.org/privacy/2013/02/25/firefox-getting-...</a> . (Edit: typo.)