A universal do-not-track feature has been advocated by privacy groups after being introduced by the Federal Trade Commission in 2010. But the World-Wide Web Consortium (W3C) – composed of software companies, academics, privacy groups, and others who determine international Web-browsing standards – has long struggled to develop a unified approach for the feature.
The somewhat-arcane debate over Internet tracking has mostly simmered quietly, but now some lawmakers are arguing that a working group the consortium set up to develop the standard has become overly influenced by tech industry concerns, putting those interests ahead of protecting consumers from the possibility of privacy invasion. The group is currently chaired by representatives from Adobe and Intel.
"Unfortunately, the group's composition no longer reflects the broad range of interests and perspectives needed to develop a strong privacy standard," Sen. Edward Markey (D) of Massachusetts, Sen. Al Franken (D) of Minnesota, and Rep. Joe Barton (R) of Texas wrote in a letter on Wednesday to the consortium. "The 'Do Not Track' standard should empower consumers to stop unwanted collection and use of their personal data. At the same time, the standard should not permit certain companies to evade important consumer protections and engage in anticompetitive practices."
(Score: 2) by jmorris on Monday October 12 2015, @11:00PM
If the tech makes it easy to track people across sites then they will be tracked. Policies won't stop it since the pond scum lost likely to abuse it will ignore it. Laws won't work either, how much luck have laws had vs spam? They cross legal jurisdictions, use 'bulletproof hosts' and hijacked Windows PC.
No, the solution has to be tech. Browsers need to discourage cross site content in exactly the same way they discourage other unsafe behavior like cross site scripting. Break the webbugs that allow the tracking in the first place and solve the problem once and for all. This means sites would have to serve up the ads from their own domain if not their own actual servers but that isn't an unsolvable problem once you think about it. But it means doubleclick.newyorktimes.com can't inject a cookie that allows them to track you when doubleclick.politico.com needs to pick an ad based on your earlier viewing because no existing browser will allow it. That ends it, it kills it dead.
But it would be a fair bit of rebuilding, I'm not kidding myself and you shouldn't get behind the idea either without considering the downsides. YouTube is an obvious problem and there is the wasted bandwidth and extra caching implied when all of those bloathog javascript frameworks get locally semi-hosted (DNS record only) on every site that makes use of them. Probably makes hosting them for free impractical to the point each site would have to actually host them on their own which would introduce security issues when they didn't get updated like they should from the central site. And you even have to ban centralized image hosting, remember that ANY url can be converted into a tracking cookie, especially with Javascript enabled. But none of those objections are insurmountable.