Sat Dec 15 06:53:59 UTC 2012

#6549: Implement "Do Not Track" as privacy-by-design
 Reporter:  mikeperry             |          Owner:  mikeperry
     Type:  project               |         Status:  new      
 Priority:  major                 |      Milestone:           
Component:  Firefox Patch Issues  |        Version:           
 Keywords:  SponsorZ-large        |         Parent:           
   Points:                        |   Actualpoints:           

Comment(by mikeperry):

 From the FTC's report on DNT, page 53 (PDF page 69):

 > "The Commission commends recent industry efforts to improve consumer
 control over behavioral tracking and looks forward to final
 implementation. As industry explores technical options and implements
 self-regulatory programs, and Congress examines Do Not Track, the
 Commission continues to believe that in order to be effective, any Do Not
 Track system should include five key principles:
 > First, a Do Not Track system should be implemented universally to cover
 all parties that would track consumers. Second, the choice mechanism
 should be easy to find, easy to understand, and easy to use. Third, any
 choices offered should be persistent and should not be overridden if, for
 example, consumers clear their cookies or update their browsers. Fourth, a
 Do Not Track system should be comprehensive, effective, and enforceable.
 It should opt consumers out of behavioral tracking through any means and
 not permit technical loopholes. Finally, an effective Do Not Track system
 should go beyond simply opting consumers out of receiving targeted
 advertisements; it should opt them out of collection of behavioral data
 for all purposes other than those that would be consistent with the
 context of the interaction (e.g., preventing click-fraud or collecting de-
 identified data for analytics purposes)."

 While we don't meet all of those right now (we miss !#2 due to tbb-
 usability bugs, and !#3 due to our lack of updater, and !#4 due to the
 above bugs in this ticket's description), there's no technical reason we
 couldn't meet them all. However, the task is impossible for the actual
 DNT:1 header. In particular, there's no way for DNT:1 to ever satisfy
 requirements !#1 or !#4 (and arguably even !#5).

 See also my submission to http://www.w3.org/2012/dnt-ws/papers.html at:

