Chrome Gets ‘Do Not Track’

Google has added the privacy feature to Chrome’s latest developer build, with the release version to get ‘Do Not Track’ by the end of the year

Google’s Chrome browser project is beginning to add built-in “Do Not Track” capabilities to the latest developer’s build of the open-source web browser.

Do Not Track capabilities mean that users can choose to instruct their web browsers not to show personal information about their web searches using the Do Not Track controls that are being integrated into some browsers. By hiding information about their searches, users can block advertisers and websites from collecting and using that information to push targeted online ads and gain details about their surfing.

Privacy feature

The Google Chrome inclusion of Do Not Track features in the latest developer’s build came on 13 September in a posting on the Chromium Project website.

Google did not respond to a written request from eWEEK on 14 September for more information about the move.

However, in an emailed statement to The Wall Street Journal’s All Things Digital section, Google spokesman Rob Shilkin wrote: “We undertook to honour an agreement on DNT that the industry reached with the White House early this year. To that end we’re making this setting visible in our Chromium developer channel, so that it will be available in upcoming versions of Chrome by year’s end.”

The feature adds a request to the header of the browser that theoretically is supposed to be viewed by a website, then acted upon based on the user’s preferences.

According to the Chromium developer’s community, “The Do Not Track HTTP request header (“DNT: 1”) expresses a user’s preference to opt out of web tracking. Firefox 4, Internet Explorer 9, and Safari 5.1 all support Do Not Track, and the header is likely to be standardised” among Internet standards organisations.

“Chromium should be brought to feature parity with its peers,” the Chromium developer post continued.

Voluntary compliance

The problem, though, is that so far, Do Not Track controls built into web browsers only have to be complied with by websites and advertisers on a voluntary basis because there are no laws or requirements that control such information today.

And that, said Melissa Ngo, a privacy consultant who writes a blog called Privacy Lives, is the problem with existing Do Not Track efforts.

“First, this is not Google Chrome’s final product,” said Ngo, so no matter what the intentions are for its use, no one will know what it does in Chrome until it is actually finished and released later. “It’s just some that they’ve given to developers” at this point. “So we haven’t seen how it works yet.”

The effort, though, is worthwhile, she said, because “it is important to give individuals real control over how their personal data is used”.

Ngo said she’s not convinced that such Do Not Track efforts are even effective since adherence with their user requests are only voluntary on the part of advertisers and websites.

“That’s why I believe that it is important to enact enforceable government regulations to protect users and their data,” said Ngo. “That would ensure that when a person says, ‘do not track me,’ that that means something to a website or advertiser as an individual browses or shops online.”

False sense of security?

Such true protections won’t come until enforceable laws are put in place to make it happen, she said, even with efforts like Do Not Track tools in today’s browsers. “Individuals will not be protected until we have that,” said Ngo.

Sarah Downey, privacy analyst and attorney with Abine, a consumer online privacy company that offers a free browser add-on that claims to completely block browser tracking, called Google’s efforts to add Do Not Track capabilities to Chrome “definitely a step forward because it shows that companies… are thinking about this.”

At the same time, said Downey, “we’re a little bit worried that it gives people a false sense of security” since the Do Not Track settings chosen by users do not yet have to be complied with by websites and advertisers. “There are no requirements that anybody has to listen.”

Because such compliance is only on a voluntary basis today, “the vast majority of sites do absolutely nothing” to comply with user requests not to be tracked, said Downey. The only web two sites that she is aware of that presently do comply with Do Not Track requests from users are Twitter and the Associated Press, she said.

Data collection to continue

Two major online advertising groups, the Network Advertising Initiative and The Digital Advertising Alliance, have taken positions on Do Not Track that consumers should be aware of, said Downey. “They say they’re going to continue to collect data [if they run into the Do Not Track headers], but they won’t show users personalised ads based on the data that’s collected.”

That means that even though they read the Do Not Track headers from a user, they are choosing not to leave the user’s completely out of their tracking efforts, making it a half-hearted effort to comply with user requests, said Downey. “The reality of that kind of implementation is that the advertisers don’t line up with the expectation of users’ privacy.”

Abine does offer a free DoNotTrackPlus application that will actively block all advertiser information requests as they come in to the user’s browser, said Downey. By blocking requests as they arrive, no data can be collected about users while using the application, she said.

Are You Plugged Into USB? Take our quiz.