It seems to me that web browsers are increasingly addressing all kinds of security/privacy issues from CSS history hacks to almost anti-virus-like heuristics for XSS protection.<p>Maybe the most controversial example on the privacy side is the "Do Not Track" HTTP header.<p>What I don't understand however, and what my question is about, is why in the world do browsers first send identifying, personal information about the user('s browsing habits), without consent from the user, across sites that may not even be affiliated in any way and _then_ tell that site "please, ignore this data".<p>Why send it in the first place? If the browser vendors don't care about privacy, why did they implement the "Do Not Track" header? If they do, why did they implement the "Do Not Track" header?<p>Why are cross-domain cookies and referrers still allowed by default?
It's no coincidence that the leading browser (Chrome) is produced by the world's largest advertising network (Google).<p>And so you ask, why isn't cross-browser cookies disabled by default? Well... why would a company do something to their free product that reduces the amount of revenue that they earn on their other products.