All of the big modern browsers offer a Do Not Track feature — you tick a box in the settings, and your browser lets every website you visit know that you don’t want to be tracked across the Internet. It seems like a great idea, but does it really protect your privacy? Do websites respect your wishes? Or does it simply provide a false sense of security that might have some people not protecting themselves adequately?
Let’s take a look at the evidence.
What Is “Do Not Track”?
First, let’s make sure we’re all on the same page when it comes to what we’re talking about. According to DoNotTrack.us,
Do Not Track is a technology and policy proposal that enables users to opt out of tracking by websites they do not visit, including analytics services, advertising networks, and social platforms.
When you tick the Do Not Track box in your browser’s settings, your browser adds an HTTP header to all of your web traffic letting websites know that you don’t want to be tracked; you don’t want tracking cookies from analytics or advertising networks, you don’t want information about your browsing to be transmitted to social networks, and so on.
Ideally, this means you wouldn’t receive browser cookies that enable ad retargeting or the mass collection of data about your browsing habits.
Does It Work?
In a perfect world, any website receiving web traffic with a Do Not Track header would do just that: not track the user. It would be federally mandated that companies respect the wishes of the user, under the threat of facing penalties if they ignored the Do Not Track request. This has been proposed to the Federal Trade Commission (FTC) a number of times. But instead of taking control of this privacy issue, the FTC delegated it to powerful corporate interests.
Deciding not to get officially involved in the privacy of users, the FTC instead tasked the World Wide Web Consortium (W3C) to work out the details of the Do Not Track technology. Who controls the W3C? Adobe, Facebok, Google, eBay, Netflix, PayPal, Kaiser Permanente, Twitter, Yahoo!, and a couple hundred other organizations, many of which are interested in collecting your data.
Does this seem like a good idea?
When you understand that these are the companies in charge of implementing the Do Not Track standard, it becomes obvious why it doesn’t do anything. DoNotTrack.us does have a list of companies that respect the wishes of users who have enabled Do Not Track, but it’s less than impressive.
Here’s an illustrative example. When Internet Explorer 10 was released, Microsoft enabled Do Not Track in the browser by default, stating that users should make a conscious decision to share information with advertisers, and not the other way around. The Digital Advertising Alliance made a fuss. And to make a long story short, Microsoft capitulated. As of Windows 10, users now have to turn on the feature themselves.
At first glance, it looks like Microsoft took a stand for user privacy, even though they ended up backing down in the end. But does Microsoft itself honor Do Not Track requests? Here’s what their privacy statement says:
Because there is not yet a common understanding of how to interpret the [Do Not Track] signal, Microsoft services do not currently respond to browser [Do Not Track] signals.
Not very reassuring.
Although some companies — including, Twitter, Medium, Reddit, and Pinterest — have committed to respecting users’ Do Not Track requests, most advertisers simply ignore it, citing a lack of an implemented standard that they’ve contributed to (Hulu recently announced they would no longer be respecting users’ wishes in this matter). Again, not reassuring.
In short, Do Not Track doesn’t do much at all.
It’s not like these companies can’t limit the tracking they do; many of them allow users to opt out of tracking and ad re-targeting if they log into a specific page and log a request. But that takes more effort, which means fewer people will do it.
What Can You Do?
While Do Not Track is a great idea, the FTC’s delegation of its implementation to the W3C, as well as the widespread industry decision to simply ignore it because they can, effectively killed it. But there are other options you can use to protect your privacy. Here are a few things you can do:
- Set your browser to reject third-party cookies. First-party cookies are from the websites you visit, and they can be very useful. Third-party cookies, however, come from advertisers and social networks, and are used to track you around the Internet.
- Opt out of as many tracking services as you can. There are a lot of them, and many don’t offer opt-out, but you can opt out of the big ones, like Facebook and Google. You can also go to NetworkAdvertising.org/choices to opt out of ad networks, but the effectiveness of this is a bit questionable.
- Use browser extensions to limit tracking. A number of browser extensions are available that protect you from third-party tracking. Disconnect.me is probably your best bet, though you should be able to find some others.
- Use a privacy-focused browser. Some browsers, like Epic and Dragon, are committed to your privacy. Others, like Tor, which we’ve discussed at length, are built to absolutely maximize privacy.
- For a full explanation of avoiding Internet surveillance, check out “Avoiding Internet Surveillance: The Complete Guide.” It has everything beginner and intermediate privacy enthusiasts need to beef up their security.
Take Privacy Into Your Own Hands
Do Not Track is a great idea, but when it comes down it, the technology really has no bite. Companies can — and usually do — choose to ignore it and face no consequences for doing so. It’s a good idea (and you should enable the setting anyway) but if you really want to keep organizations from tracking you across the Internet, you’ll need to do more than just send a polite request. You’ll need to take your privacy into your own hands with more direct measures.
Did you know that companies could just ignore Do Not Track? Do you use other anti-tracking features to ensure your privacy? Or have you just accepted that you’re being tracked everywhere? Share your thoughts in the comments below!
Explore more about: Online Privacy.