Draft 'DNT for users' Explanation Page

Friends

we have talked about there being a central neutral page that explains DNT to users, that the browsers can link to (e.g. from their help pages) or indeed anyone else can, and that in turn links on to more material as appropriate.

A bunch of us got together and drafted the text below.  There is clearly a placeholder paragraph towards the end, which would need fleshing out with specifics as they develop.  We envisage that the W3C or WebPlatform.Org (who have not yet been asked) might host this, perhaps as a working group 'note'.

I hope that this doesn't distract from the normative documents on our plate, but instead helps to make progress to providing the materials we need for a balanced understanding in the market.

Chairs:  how would you like to handle comments on this document?  Perhaps a 'product' in the issue/action tracker ('user-explanation')?

Thanks


* * * * * * *

Everything you need to know about Do Not Track

Do Not Track (DNT) lets you express a choice not to be tracked when browsing from site to site on the Web. When the feature is turned on, your browser will communicate that preference to every site that supplies content to you, whether or not that content is visible, telling them that you want to opt out of tracking. It does this by transmitting a bit of code — a Do Not Track HTTP header — every time your browser requests data from the web for you.

Do Not Track distinguishes between sites you visit directly (called “first parties”) and other sites that also supply material (called “third parties”), which together create your browsing experience. The third party sites provide their own content or support first party sites. They might supply ads, other visible content or material that makes the page work, or they may also be there to collect data and statistics, perhaps without any visible content at all.

Do Not Track is designed to not interfere with your online experience. There are few tracking restrictions for first party sites. They can remember things like who you are, that you visited their site and browsed around, that you interacted with them by filling in forms or that you bought something. First parties are not allowed, however, to pass data to the third parties that their pages pull in, unless a particular third party is allowed to have collected the data independently.

When Do Not Track is enabled, third parties are asked to “treat you as someone about whom they know nothing and remember nothing.” Third party sites that implement Do Not Track (though not all do) will, in general, cease to record information that can be traced to you when your browser sends a Do Not Track request.

Even when not tracking, however, third parties are allowed to remember enough information to ensure their site works, and that it’s protected against attacks and fraud. Advertisers are also allowed to collect enough data to be able to collect their fee for having shown an ad, and to have those accounts audited.

As mentioned above, not every site implements Do Not Track or respects the DNT request. Your browser may be able to tell you when your Web activity involves a site that doesn't, or you may be able to find a browser extension or other tool that will.

Some third parties rely on tracking to offer what they consider the best user experience. That experience can include matching you with ads they think are relevant to your online activities (called “behavioral advertising”). Some first party sites may feel that — for their site to function best or to give you the best experience — they and their third parties need an exception to your general request not to be tracked. They may explain this need and ask you for your agreement. If you give it, they then ask your browser to remember that they have an exception to your general Do Not Track request. If you do not grant them the exception, your online experience may be impacted. Your browser may offer ways to see or manage what sites have recorded such exceptions from you.

Do Not Track may also interfere with some personalized services you enjoy. For example, a Do Not Track request might mean you would have to type in your zip code each time you want to view a weather report, rather than having your local weather automatically displayed. Personalization on websites can save you time and repetitive typing, but it requires data.

Do Not Track is one of many privacy solutions. It doesn’t aim to give you absolute online privacy, but to improve it. Do Not Track doesn’t replace your antivirus software, will not encrypt data and is not a security mechanism.

The members of some trade associations and other bodies, such as the<link>XXX</link>   and<link>YYY</link>, have also committed to additional codes of conduct around respecting Do Not Track. Sites – both first and third parties – that belong to these bodies and implement Do Not Track may offer you improved privacy or better safeguards.

The formal standard for Do Not Track is<link>available</link>   from the W3C. There are also<link>documents</link>  that describe how Do Not Track relates to laws and regulations in various parts of the world.

* * * * * * * *


David Singer
Multimedia and Software Standards, Apple Inc.

Received on Wednesday, 26 June 2013 16:25:54 UTC