Dear EFF
Ya'd think ya'd get tired of the squishy sound that results from beating your head against this here advertising wall. Guess not.
The Electronic Frontier Foundation (EFF) is making a second attempt to sell online publishers and ad networks on a Do Not Track specification. The new guidelines have the backing of privacy peeps at Disconnect, blogging website Medium, search engine DuckDuckGo, and analytics biz Mixpanel. Also on board are the developers of …
So, there's a fox in the hen house. All the hens have labels on saying "Please don't kill me!".
What do you think the blind fox will do?
Obey the notice? are you kidding!
The hens need to protect themselves from the fox, like the three little pigs did, and build themselves a brick house that the fox cannot get into. No more need for useless "Please don't kill me!" stickers.
Instead of composing a text file (or maybe in addition to it) to be placed in some obscure place in a server's resources the EFF needs to come up with a means of displaying tracking status to the user.
What they should do is devise and copyright a DNT logo. Rights to display the logo would be granted freely to any website respecting DNT. Users would then assume that, by default, a website not displaying the logo would be tracking them and make their choices accordingly.
This post has been deleted by its author
So long as there's no legal requirement with meaningful punishment for infractions, no policy that requires an ad server to play nice according to client configuration is ever going to work. Like DNT it will just be ignored. All you can do is take deliberate action yourself, block Flash, block third party cookies, install ad-blocking software and put up with all those preachy messages you'll end up seeing in place of the blocked ads.
"That's why we need laws to compel site operators to pay attention to users' privacy wishes."
If wishes were fishes....
Unfortunately all the western governments are much, much too busy trying to draft laws that permit them to ignore the users privacy, then, new laws that declare the old laws legal when the original laws are declared illegal by courts (presumably ad nauseum).
If you want to 'cast nets' for privacy laws these days, better send for a Retarius.
https://en.wikipedia.org/wiki/Retiarius
Like the old saying that the people who seek political office are the ones who should least be allowed to hold it - the problem here is that the only people likely to comply with DNT requests are the ones we wouldn't worry about tracking by in the first place!
I'm on the UK "do not call" list (TPS) - but still get multiple telemarketing calls per day, many of them anonymous, because the worst offenders are the ones who completely ignore the law in the first place. Honest marketers aren't such a problem anyway.
Same for the "do not call" list here in the U.S., though we're supposed to be able to sue for a couple thousand dollars if we can show that one telemarketer is harassing us. That kind of protection doesn't stop the telemarketers from hiding their tracks by repeatedly transferring their call lists to new agencies.
Well, if a server has password protection and you crack it, you go to jail.
Video discs have encryption, and if you crack it, you go to jail.
So, we set the do-not-track option and install cookie blockers, but those that circumvent them don't seem to be going to jail. Do laws like the DMCA seem just a little lop-sided (nodding vigorously)?
Content providers might argue that when I go to a web page, I'm consenting to whatever content they have in whatever form they want to shove down our throats. But, I think there's a problem with that. You can't be sure of what to expect from a web page until you visit that web page. So, just as they have a right to state their terms, we also have a right to state our terms. And, if we set the do not track option and they ignore it, then they've violated our terms, they've violated our right to refuse consent.
And, if they hack past any privacy controls that we put in place, then that violation is clearly intentional.
Of course, if they don't agree to our terms, then they can refuse to serve us content. And, that's fine; I don't want content from someone that doesn't agree to my terms (and I have no intention to bypass any controls they have to block those that don't agree to their terms).
So, if the DMCA says that those who use technology to protect their data can expect to have that protection legally enforced, then there should be similar legal reasoning protecting our personal data--especially where we put safeguards in place along with a public notice, by way of a setting in the protocol, saying we don't want to be tracked.
But, if content providers don't want to be held to the same expectations that we are, then the DMCA should be repealed.