Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Does "Do not track" work?

Question:

I have “Do not track” add-ons for my IE 9, Firefox, and Google Chrome
browsers. Is this add-on of any real benefit?

In this excerpt from
Answercast #76
, I look at some of the issues around the “Do not track”
initiative on the internet.

]]>

Do not track

There is a lot of misunderstanding and misinformation around “Do not track.” It’s even gotten quite political with Microsoft’s decision to not only include the “Do not track” feature in Internet Explorer 10 – but to turn it on by default. They actually have it enabled when you install IE 10 by default.

Here’s the problem: “Do not track” doesn’t do anything in the sense that it’s not changing what gets tracked on your PC. All “Do not track” does is it includes with every request you make of a web server, a statement that basically says, “Please, do not track me.”

That’s all it does. It makes a request of the server.

Websites don’t need to honor “Do not track.”

Now, the problem is that it’s a request and there is no compulsion for the server to honor or support that request.

In other words, a well-behaving server, probably serving ads or web pages or what not, will of course, pay attention to the “Do not track” request and do whatever “Do not track” means to them. On the other hand, the server might completely ignore it. In other words, it’s the same as not having said it at all.

So, does it add any real value? Well, I guess, maybe. It depends on which servers you talk to on a regular basis and whether or not they’re paying attention to it.

Not concerned about tracking

If you’ve read Ask Leo! for any length of time, you know that I’m not really concerned about tracking. I don’t consider tracking to be a huge issue. As an individual, you and I just aren’t that interesting. The fact that “Do not track” is this messed up really doesn’t concern me that much – because I wouldn’t turn it on myself in the first place, and I don’t.

Where things got weird is when, like I said, with Internet Explorer 10 turning it on by default… some websites have publicly stated that if they see a request coming in from Internet Explorer version 10 with the “Do not track” setting turned on, they will ignore it.

So it’s a complicated mess. Not even simplified in the least by the fact that what does it really mean to track?

What is tracking anyway?

There is no common definition; there is no common understanding of what it means to “track” somebody.

Information is always being kept. How that information relates to other information that’s also being kept is probably what most people think of as “tracking.” But even then, how the information collected over here matches the information collected over there? There may not be a correlation; there may be one.

It may be as simple as simply matching IP addresses. It may be something much more complex, including a convoluted storage of cookies and who knows what. And to be clear, setting “Do not track” has no effect on your browser storing cookies. It continues to store cookies exactly the way that has in the past, mostly because you need cookies for a lot of different things on the web to work.

All the “Do not track” setting does literally is ask servers not to track them – and then trust that they won’t.

There’s no verification. There’s no validation. There’s no enforcement. So to ultimately, to answer your question, “Is it doing anything of any real benefit?” In my opinion, no. Others might disagree.

Those sites that are cooperating with the “Do not track” initiative may in fact be doing something different that some people would consider a benefit. I’m not one of them. I’m not turning it on. The fact that it might be turned on by default in IE 10, I honestly don’t care. It’s just what it is!

The whole “Do not track” initiative, I think, is playing on a lot of people’s confusion about the entire issue to make them feel safer than they really are.

(Transcript lightly edited for readability.)

Next from Answercast 76 – Do tablets need anti-malware software?

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

8 comments on “Does "Do not track" work?”

  1. I don’t worry much about cookies (the nonfattening kind), but in Firefox and probably all modern browsers, there is an option to erase cookies when you close your browser.

    Reply
  2. Dear Leo and friends:Hello!I trust and believe everything you say Leo! I just wanted to say that i have “DoNottrack’ in my Firefox 16 and also in IE8.
    It does have one benefit sir because it does show every Firm and Company that is gathering information of your interests and sites viewed. Leo,Isn’t it true that those sites Do Sell that information for profit? I am not doing anything wrong ,so, I am not worried at all sir. I just think it is a cool thing to have! If nothing else,at least I do know who is watching me right? Thank you again sir.Michka’el.

    Reply
  3. Leo,

    I am disappointed in your lack of concern about tracking. The issue is not just whether your computer might slow down due to many cookies, or whether you do or do not care about getting more targeted ads.

    The issue is that companies did not get your permission to monitor what you did on your computer. Privacy IS important to most people.

    You wait and see. If companies are forced to really get people’s permission to track in the future, I bet that over 80% of people will indicate NO.

    I agree that many people think incorrectly that they have enforceable “Do not track” on their browser now. But I’ll also bet that over 80% of all users think that they SHOULD have automatic enforceable anti-tracking in all browsers. With big fines for companies that do not honor the “do not track”.

    Reply
  4. Having “Do not track” selected prevents you from logging in to some routers, at least with Firefox (I just spent several hours finding out why I couldn’t log in to a Cisco WRT120N).

    Reply
  5. “The issue is that companies did not get your permission to monitor what you did on your computer.” – Jack, December 7, 2012 11:24 AM

    I’m no lawyer, but I think you do give permission to a website to monitor what you do on their website, when you visit their website.

    It’s like having a loyalty card at a store. Sure they give you a discount for being such a loyal customer, but they are also tracking your purchases.

    Does either (website or loyalty cards) really bother me? No. Because hopefully, the website or retailer will use this information to provide me with more relevant information, better experience, etc.

    The big question is always, what do websites (and retailers) do with the information that they have tracked. As long as they keep it private and use it for their own purposes, I don’t really care. I DO CARE when they start selling the information to the highest bidder.

    Reply
  6. I would think that Windows servers would be more likely to honor Internet Explorer “requests” than other manufacturer’s servers. I wonder what percentage windows servers are of all servers. I would think it is quite high.

    I don’t believe it has anything at all to do with the software running on the server. This is a *decision* made by whoever owns, and therefore *configures* the server.

    Leo
    08-Dec-2012

    Reply
  7. I do a considerable amount of browsing on the ‘Net including e-commerce and banking. I use Firefox to which I’ve added AdBlock Plus and Better Privacy. The only anti-virus anti-malware I use is MS Security Essentials. It has been over 5 or 6 years since my computer has been infected by any virus, spyware, or other malware. And I don’t worry about normal cookies. I think Leo says it quite well, “As an individual, you and I just aren’t that interesting.”
    Part of the secret is not visiting Porn sites. I also stay away from Game sites, music down-load sites, and even FaceBook.

    Jack, you state, “The issue is that companies did not get your permission to monitor what you did on your computer.” They Don’t! They don’t monitor what you do ON your computer, but do monitor what you do ON THEIR Site.
    If you want to be concerned, check out ‘Super Cookies’, a name for LSOs. In the last 16 days Better Privacy has removed over 233 LSOs from my computer which were inserted every time adobe flash was used (which is nearly every time I’ve visited a web site which contains any kind of video. ) So, If you are concerned about cookies, forget the small fry. A Wikipedia anticle states, “By default, a SWF application running in Flash Player from version 9 to 11 (as of Sept 1, 2011) may store up to 100 kB of data to user’s hard drive.”
    I copied the following from a recent UC Berkeley report:
    “More than half of the internet’s top web sites use a little known capability of Adobe’s Flash plug-in to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies.”

    Perhaps Leo can post a blurb on LSOs. ??

    LSO’s, or Flash Cookies, are mentioned here: What’s a “super cookie”? (listed in the related articles above) – in reality to a site determined to track is pretty hard to stop.

    Leo
    08-Dec-2012

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.