Do Not Track Adoption in Firefox Mobile is 3x Higher than Desktop

Alex Fowler

2

In looking at adoption of the Firefox Do Not Track (DNT) setting over the past two months, more than three times as many of our users have turned on DNT in Firefox Mobile than on desktop versions of Firefox.* The percentage is just over 17% on Firefox Mobile, compared with 5.6% on Firefox.

We don’t know the exact reason behind the higher adoption rate for DNT of our users in Firefox Mobile. It may be that people seeking alternative browsers to the default ones on Android devices are more technically savvy and likely to tweak settings than other users. Or it may reflect that the settings UI is stripped down with all the settings appearing on one pane, versus multiple tabs within the desktop preferences window. It could also be that people have increased concerns over privacy and tracking on mobile devices.

By way of background, Firefox Mobile is the only mobile browser that includes DNT today. We implemented the same Do Not Track privacy setting in Firefox Mobile for Android that became available to our desktop users at the beginning of the year. Firefox Mobile users enable the DNT setting in the settings pane and flipping on the “tell sites not to track me” switch. Once on, the mobile browser sends an HTTP header that reads DNT:1 to all first and third parties involved in any particular session.

With users increasingly browsing the web on mobile devices, we need to ensure that any DNT system works in browsers on both desktop and mobile devices, as well as on mobile apps used to access content, services and games on the Internet. It’s important to point out that DNT on a mobile browser doesn’t control how other apps installed on a device operate. This is an area where DNT still needs much more thought, otherwise we create a privacy system that is incomplete and doesn’t fully reflect the ways in which we access the Internet today. I’m also concerned about app-level DNT settings, should they emerge, where users end up having to enable and re-enable DNT from app to app. Perhaps DNT should be an OS-level setting. More work within the mobile industry is definitely required here.

Alex Fowler

*We don’t track users to determine these percentages. These stats reflect aggregate counts that we generate from recording the daily numbers of HTTP headers we receive that include DNT. Any well trafficked site can record these stats, including being able to also count the number of users with DNT enabled via Safari and IE9.

AdTruth Implements Do Not Track

Sid Stamm

2

Mozilla introduced the Do Not Track privacy feature to give users a way to tell companies they don’t want to be tracked online. We’ve seen growth and adoption of Do Not Track and are pleased to note that today, AdTruth, an Associate Member of the Internet Advertising Bureau (IAB), is launching patented device identification technology that honors the Do Not Track header that Mozilla introduced earlier this year. When people enable the Do Not Track feature in their browser, AdTruth’s technology will opt them out of tracking.

Check out the AdTruth announcement for more information.

Sid Stamm
Lead Privacy Engineer

Agreeing on Do Not Track

Tom Lowenthal

1

Last week saw the first meeting of the W3C’s Tracking Protection Working Group, a cross-section of advertisers, browser vendors, publishers and public interest groups come together to agree on a standard for Do Not Track (DNT).

We believe the group’s mission is vitally important. Without a well-defined DNT mechanism, it has been common for Web users to have their reading habits recorded by companies they have never heard of, and have no relationship with. Sophisticated tracking techniques have been appearing faster than users’ ability to defend against them. The mission of this working group is to give readers a simple and meaningful way to regain control.

Last week’s Working Group turnout was comprehensive, with about 40 folks present from a variety of organizations — comfortably more than the ten required by the charter. The chairs, Aleecia McDonald (Mozilla) and Matthias Schunter (IBM), emphasized the need to work quickly in producing this consensus standard and outlined an aggressive schedule, with the next meeting at the end of October, and a Last Call Working Draft expected before the end of the year.

In two days, we made healthy progress, agreeing broadly on the DNT header in its current form, and brainstorming ways to extend it into a more refined standard. There was no shortage of ideas around the table and we put together quite a to-do list of topics to work on in the coming weeks and months. Although there was healthy discussion on most of the issues raised, there was a surprising amount of agreement on many of the substantive questions, which bodes well for the production of a robust and widely-used standard.

The entire workings of the group are public. If you’re interested, then you can sign up for the group’s mailing list, which is also publicly archived. The minutes from both days of last week’s meeting are available, and further updates, including minutes of the weekly conference calls will continue to be archived on the group’s page.

This post was co-written by Peter Eckersley of the EFF, and Tom Lowenthal from Mozilla.

Building Privacy Into Telemetry

Sid Stamm

1

For a while now we at Mozilla have been talking about our privacy operating principles. We’ve been working hard behind the scenes to make sure we deliver on these promises, and want to share a little bit of the backstage work we’ve done to make Firefox live up to these promises.

In the latest version of Firefox, you’ll be given a chance to enable a new feature called Telemetry. This feature measures different bits about how Firefox is performing for you and sends these usage statistics to us so we can figure out where to focus our efforts to make it even better. Here’s how it lines up with our principles:

No Surprises: we ask before enabling Telemetry, and you can turn it off whenever you want in the Firefox options dialog. We’re not gonna collect any of this stuff until you say it’s okay.

Real Choices: When you update or install Firefox, it will ask if you want to help us out, and tells you about the kinds of data we will collect. Additionally, we’ve worked through many of the privacy implications of collecting this data — and that took a little work. We wrote it down for you to see why we’re collecting the data and the risks we’ve considered in our Privacy Review wiki pages for the Telemetry feature and each thing we want to measure. You can also download the about:telemetry add-on to see everything we’re collecting from you.

Sensible Settings: the data is sent to us over a secure (HTTPS) connection to our server, and is off until users enable it.

User Control: as the data collected is not personal information and it is stored in aggregate form, we won’t be publishing any data specific to you. Our performance team will probably talk about the aggregate statistics of the whole Firefox population (averages, trends and such), but we delete the anonymous data you send us when we can no longer use it to help us make Firefox better.

It is really important for us to learn how Firefox performs for you; we have a whole lot of automated tests, but those can only guess how it will work when you’re behind the wheel. So go update or install Firefox, then say “yes” to sending us performance data! You’ll be helping us make Firefox even better in a way that puts you in control of your data, and that’s important because this is your Firefox and we want you to be in charge.

Sid Stamm
Lead Privacy Engineer

Mozilla Publishes Developer Guide on DNT; Releases DNT Adoption Numbers

Alex Fowler

14

As many people know, Mozilla jumped into Do Not Track (DNT) in a big way earlier this year by providing Firefox users on desktop and mobile with a simple way to tell companies to stop tracking them online. We did this before knowing exactly how sites and advertisers would respond. We believed we had to do something to advance the debate and we counted on developers seeing the technical advantages to our approach over current proposals and practices.

Over the past six months, we’ve worked closely with developers at leading advertising, publishing and technology companies to implement DNT. Today we’re publishing our first edition of the The Do Not Track Field Guide.

Based on interactions with developers from leading companies that support DNT today, The Do Not Track Field Guide contains case studies, tutorials and sample code. We’ve also included a background section on our view of what the debate over DNT is all about. We hope that the Guide inspires  developers around the world to embrace the technology and also leads to subsequent editions with new tutorials and sample code.

Why developers care about DNT:

  • Browser Support: Mozilla, Microsoft and Apple include DNT in their browsers.
  • User Adoption: Millions of people are sending the DNT:1 signal today.
  • Better Opt-out: Persistent user preference that can be used to support most opt-out use cases.
  • Easy to Implement: Sites with existing opt-outs are reporting straightforward integration of the DNT header into their systems.

With the exceptions of Google Chrome and Opera, all the other major web and mobile browsers support DNT. We’ve had DNT in full production releases of Firefox and Firefox on Android since version 4. Microsoft’s IE9 includes the DNT header with its Tracking Protection List feature. Apple’s Safari added support for the DNT header in the release of Lion this summer.

Our Metrics team has been following adoption (in a privacy friendly way) over the past few months and we’re seeing almost 5% of our user base with DNT enabled (see today’s companion post from the Metrics team on the details). It’s been fascinating to watch the almost .01% increase each day. Another study published a few weeks ago looked at 100 million Firefox users and reported a slightly higher adoption rate of more than 6%. We’ve heard from publishers that they are seeing 1-3% higher rates than ours. If you have a web site, then you, too, can see how many people are asking you not to track them!

One of the most important things we learned in writing The Do Not Track Field Guide is that the companies that offer opt-outs for various tracking and profiling activities today have an easier time implementing changes to look for and respond to a user’s DNT signal. For instance, we spoke with an engineer who implemented DNT at an advertising company. He came to work one morning, read about DNT in Slashdot, wrote a few lines of code and was done before lunch. The advertising company already had an existing code base to support opt-out cookies so he was able to reuse existing code.

Another key learning is that not all opt-outs are created equal. We heard from developers who are excited to support the DNT header because it may someday soon enable them to remove ineffective cookie-based privacy opt-outs that did little to engender trust and sustain a user’s choice across their many desktop and device browsers. Not only is putting the control in the hands of the user better for the user, but it’s also better for the sites and apps from a technical and compliance perspective.

Here’s the PDF version of The Do Not Track Field Guide or you can click on the cover image above. Also, the sample code from the tutorials is available as a Zip file. Finally, you can find the Guide on the Mozilla Developer Network here, where we hope developers will begin to contribute additional implementations for the community.

Alex Fowler

Acknowledgments: This Guide is the result of substantial contributions from Aleecia M. McDonald, Sid Stamm, and our graphic designer Ty Flanagan. We’re grateful to the engineers who shared their implementations with us, as well as the many colleagues who provided us with input on the various drafts.

Update: I removed the statement that more people have DNT on than are using Adblock Plus. We took another look at the numbers and were concerned that we’d compared apples to oranges.

DNT Gaining Traction in Europe

Alex Fowler

The DNT meme has crossed the Atlantic! Two important policy makers in Europe made statements just one week apart supporting Do Not Track (DNT).  It appears there’s genuine interest by these EU regulators to determine how a website’s support for DNT meets compliance with legal obligations under the ePrivacy Directive.

I was in Paris today where Ed Vaizey, UK Minister of the Department for Culture, Media and Sport, told participants at the OECD High Level Meeting on The Internet Economy that “support for DNT is already being explored in the UK” and is part of the discussions underway by his Department’s Browser Working Group.

The strongest call for DNT in Europe came last week from Neelie Kroes, the Vice President of the European Commission responsible for the Digital Agenda for Europe. She told those of us participating in the Online Tracking Protection and Browsers Workshop in Brussels that “we should collectively pay more attention to the emerging ‘do-not-track’ technologies,” and she challenged industry in Europe to make it happen by June 2012. Here’s the key excerpt from her speech (and make sure you read the last sentence below):

DNT is simple: users can instruct their device or application to accompany all network requests with an indication that they do not want to be tracked. Service providers need to react to such explicit requests.

DNT has a lot of potential because it can apply:

  • First, to all networked devices and applications
  • Second, to all types of tracking and
  • Third, to all purposes of tracking.

DNT is already deployed in some web browsers. And some web businesses say they honour it.

But this is not enough. Citizens need to be sure what exactly companies commit to if they say they honour DNT. For example, there is an important difference between a commitment not to record tracks and a commitment not to use them for a specific purpose once recorded. When this is solved more users will deploy DNT – and it will become simpler – and companies will go along. So we are looking at a virtuous circle.

How do we get there? We need a standard! We need to standardise how the DNT signal and the expected reaction should look. The standard must be rich enough for users to know exactly what compliant companies do with their information and for me to be able to say to industry: if you implement this, then I can assume you comply with your legal obligations under the ePrivacy Directive.

I blogged a few weeks ago how I believe the DNT header can fit with the ePrivacy Directive, but I’ll be very interested to see how the thinking evolves among more knowledgeable policy makers and legal experts. And I’ll be sure to update my blog as I learn more…

Alex Fowler
[Reposted]

What’s the Browser got to do with EU e-Privacy Directive?

Alex Fowler

I’ve been in London this week to participate in a forum hosted by the ISBA on “Cookies, Privacy and Consumers: What Every Business Needs to Know,” as well as to meet with several people from consumer advocacy groups, leading technology companies and representatives of the UK government. The EU Privacy and Electronic Communications Directive goes into effect today in the UK and much discussion is underway about the role of browsers in the coming year here.

In the context of Mozilla’s ongoing support for people to better understand and control their Web experience and based on the meetings I’ve had here in London, my thoughts center on three major points:

  1. It’s important to focus on the intent of the e-Privacy Directive to empower Internet users with greater choice and control over online tracking. Inherently, this is not about cookies, nor is the Directive solely a technology challenge.
  2. I believe browser-based controls for cookies and tracking need to be simplified and harmonized to improve user experience and meet user expectations. We’re exploring ways the browser can help users convey intent regarding tracking in ways that enhance user experience and don’t break the web.
  3. However, the Directive is not about Firefox nor any other browser on the market today, nor does it require browsers to be configured or perform in any particular way. Compliance is solely the responsibility of any and all entities on the web that set cookies covered by the Directive on users’ computers and web-enabled devices.

A number of international law firms have published analyses of the e-Privacy Directive and the current implementations in the UK, France, Germany and other countries (e.g., Hunton & Williams, MoFo), so I won’t spend much time here on the specifics of the Directive. The UK Department of Media, Culture and Sport has published an open letter to the Internet on the the Directive, too, that provides additional guidance on how to interpret the Directive in the UK.

It’s fair to say browsers today have not harmonized the range of cookie controls in such a way as to send one clear, standardized signal to businesses that can be used as a proxy to meet compliance and respect consumer demands. Browser companies are just kicking off standards processes with the W3C and IETF that might be helpful in the future, but realistically it’s going to be months, if not longer, to achieve clarity at a technical level. Then there’s the question of getting users to adopt new versions of browsers with enhanced controls to further support user requirements and ease compliance efforts in this area.

It’s my view that site owners and third parties need to focus on improving privacy notices and statements that inform consumers of their cookie and tracking practices. In addition, any parties engaged in tracking consumers in the EU need to address compliance as if no new browser controls emerge. These are their consumers to loose and its their brand reputations on the line. Is it really our job as browser manufacturers to ensure consumer confidence and trust for their data practices?

Over the past few months, Mozilla has been supporting a new mechanism aimed at empowering users to control tracking online. Firefox 4, Firefox 4 Mobile and Firefox 5 Beta support a Do Not Track (DNT) feature, which when enabled, sends a HTTP header, DNT:1, telling publishers, advertisers and all third parties with which a user interacts online, that the user wishes to not be tracked. Based on browser upgrading trends for Firefox 4 and IE9, we anticipate that upwards of 25% of Internet users worldwide will have access to DNT by the middle of this summer. Apple’s announcement to include the same feature in the next version of Safari will only further accelerate DNT in the market.

Much has been written about DNT over the past few months, but it isn’t clear what the relationship is between DNT and the e-Privacy Directive.

Both DNT and the Directive are intended to provide more transparency, choice and control to users. The e-Privacy Directive requires “prior consent,” for cookie-based tracking, while the DNT feature is an opt-out for all types of online tracking, including cookies. While DNT and the Directive are different in purpose, there is an intersection.

The power of DNT comes from the user turning it on, thereby giving sites and third parties full confidence that the presence of the DNT:1 header is the individual user’s preference to not be tracked online. This is similar to what business and government representatives in the UK are saying right now. By the same token, sites and third parties in Europe engaging in cookie-based tracking will need to solicit permission from users regarding persistent cookies and other tracking techniques at some point in their interaction with these users.

Publishers, advertisers and third parties interacting with users online should consider how to respect users who’ve enabled DNT via the browser. Some data protection authorities may interpret the presence of the DNT setting as an indication that “here’s an informed user” who has opted out of the setting of persistent cookies covered by the Directive. This is one approach and others will need to be considered. Ignoring users with DNT enabled, however, which might be discovered by auditing server logs, could also impact user trust, brand reputation, and perhaps raise questions about compliance with the Directive. So both are going to be important factors worthy of consideration.

Users should be in control of their browsing experience. Cookies influence users’ browsing experience in many important and positive ways. They can also be used in ways that are surprising for users.

I’m supportive of efforts that increase transparency and enable users to manage their personal information online, whether created solely through technology or regulatory/self-regulatory measures or some combination of technology, industry standards and government regulations.

Along these lines, I believe the e-Privacy Directive can further enhance consumer protections for privacy and empower users with greater choice and control, depending on how sites and browsers support the Directive. At the same time, there are other forms of online tracking outside of cookies (e.g., device tracking, browser fingerprints) that need to be addressed, and any browser-based controls focused on compliance with the Directive will only address a portion of the many new ways users access the Internet (e.g., mobile devices and apps).

I’ll continue to work with my colleagues and the Mozilla community to innovate in this area and work with key stakeholders such as industry and standards groups, publishers, advertisers and policy makers. We’re at the beginning stages of evaluating how we can improve tracking protections online that bridge DNT and cookie-based controls with other privacy-enhancing technologies. I think one of our first efforts will need to be to further inform Firefox users about how cookies work and take steps to enhance cookie controls in the browser. One of the advantages Mozilla has as an open source software project is its very active community of users, developers and partners in Europe. I’ll make every effort to engage with that community as we explore browser-based options and tracking protections.

Alex Fowler
[Reposted]

Catching up on DNT Developments

Alex Fowler

Mozilla continues to see progress with regard to Do Not Track, including adoption by online marketing, ad networks and tracking companies.

It’s certainly fair to say that market adoption of Do Not Track will take longer than it took Mozilla to create the mechanism and see it implemented by other major browsers over the span of two short months. While we continue to see positive discussions and strong interest from a broad range of publishers, advertisers, ad networks and data tracking companies, most of the major Internet players appear likely to wait to see what happens next before taking that first step. We’ll continue to support our users in asserting greater choice and control over their online experience, and we’ll work with leading players who recognize the need to embrace those users.

That said, there are several developments worth highlighting, including:

  • The W3C held its first workshop on tracking protection and will issue its report any day now.
  • Three additional online marketing companies have publicly stated their support for DNT: Chitika, Effective Measure and bluecava.
  • The DNT feature is now part of the Privacy Panel in Firefox 5 Beta.
  • We’ve provided UI to enable the DNT feature in Firefox Mobile on Android and Maemo.

Mozilla co-sponsored the W3C Workshop on Web Tracking and User Privacy last month, along with Adobe, Google, Microsoft and Yahoo. From our perspective, the workshop was very well organized and covered a lot of ground in a few days. The W3C stated in a blog post last week that “…the points of agreement suggest that real interoperable progress on tracking protection — the kind that will help the average end user’s privacy — is on the way.” The workshop report is due out any day now, and the W3C says web tracking will soon become the subject of a Working Group to undertake technical standards work.

In addition to the AP News Registry, which we announced had implemented the DNT header across 800 news sites servicing 175 million unique visitors each month, we’re pleased to learn that three more companies have implemented support for DNT across their services.

Chitika, an independent ad network that, according to its site, serves over 3 billion monthly ad impressions across 100,000s of sites. When users with DNT enabled encounter an ad served by Chitika, the company responds as if the user had installed Chtika’s opt-out cookie. If you browse to Chitika’s privacy policy with DNT enabled in your browser, they also demonstrate how use of the DNT signal can be used to personalize a notice.

Effective Measure, which provides “digital audience measurement, website rankings, internet demographics and media planning tools for publishers, agencies and digital marketers,” wrote in a guest blog post on the Privacy Choice blog that they:

“suppress a number of pieces of information that can be identified to the remote users computer – notably their IP address and User Agent” (a value sent by your browser on each request to identify your browser, its version and the operating system used). Inclusive to the solution that we offer, we flag traffic coming from users who send the DNT header. This is then discounted from any of our products or services above and beyond core audience measurement.”

It would be cool to see Effective Measure update its opt-out page to emulate Chitika and show people who have enabled DNT that they’re already opted out.

At last week’s pii2011 event in Santa Clara, my co-panelist David Norris, bluecava’s CEO told the audience that his company respects the DNT header, which is particularly relevant as the company ramps up “to digitally fingerprint 10% of the 10 billion devices connected to the Internet this year.” I don’t know all the details behind bluecava’s DNT implementation, but I’m eager to find out more. Perhaps Jim Brock with Privacy Choice can convince David to guest blog the details, or perhaps I’ll ask him first. It would also be great to see bluecava follow Chitika’s example of recognizing users with DNT enabled on its privacy preferences page.

With this week’s release of Firefox 5 Beta, I’m happy to report that the DNT feature is making the move onto the Privacy Panel within the browser, as opposed to its current location under Advanced settings. Here’s a screenshot of how the new panel looks:

Feel free to download the beta and let us know what you think!

Last, but not least, we released new UI for users of Firefox 4 Mobile for Android and Maemo to turn on DNT. My colleague Sid Stamm issued a post earlier this week on this development, which includes a great screenshot.

As always, your comments and input will be much appreciated!

Alex Fowler
[Reposted]

Industry Adoption of DNT Underway

Alex Fowler

1

Mozilla’s Do Not Track privacy feature in Firefox provides users more control over online behavioral tracking. Two developments bring it closer to being respected by industry.

Mozilla is a nonprofit organization committed to making the Web better and putting users in control of their Web experience. As part of this mission, we’re developing and implementing technologies that give people easy and effective privacy controls.

Mozilla introduced the Do Not Track (DNT) HTTP header approach in January and launched the feature in Firefox 4. We’ve worked closely with more than fifty leading companies and trade groups to help devise ways to implement DNT and offer users more control over how their browsing behavior is tracked and used online. Mozilla is working with the W3C and IETF organizations to standardize the DNT header, and we were pleased to see Microsoft subsequently include the mechanism in Internet Explorer 9.

To provide users more choice and control over online behavioral tracking, it’s essential that publishers and advertisers adopt and implement Web technologies that respect consumers’ wishes to not be tracked across their Web properties and services.

Today there are two significant developments on this front:

  • The AP News Registry service, run by the Associated Press, implemented the DNT header across 800 news sites servicing 175 million unique visitors each month.
  • The Digital Advertising Alliance (DAA), which includes the five major media and advertising agencies, is initiating a process to explore incorporating the DNT header, as proposed by Mozilla, into its Self-Regulatory Program for Online Behavioral Advertising (OBA). The DAA represents more than 5,000 leading media and technology companies that span the entire marketing-media ecosystem.

The Associated Press (AP) is the first company to deploy DNT on a large scale, and it only took a few hours for one engineer to implement. The AP News Registry tracks 1 billion impressions of news content, with 175 million unique visitors per month, and has membership with more than 800 sites. When consumers send a DNT preference via the browser while viewing a story at one of its publisher’s sites, the AP News Registry no longer sets any cookies. The previous solution was for users to opt-out via a link to a central opt-out page referenced in each participating news site’s privacy policy. They still count the total number of impressions for each news story, but aggregate consumer data for those with DNT in a non-identifiable way.

Since Mozilla issued the DNT proposal in late January, we have been engaged in productive and fruitful discussions on DNT with stakeholders across the industry, including the major ad groups and publishers. The turning point in the discussion came a few weeks ago, following a presentation from the FTC and ensuing industry call to discuss melding browser-based DNT implementations with self-regulation. Just last week, the leaders of the five groups that make up the DAA approved moving forward with determining how to include the header into its existing program. As a result, Mozilla will collaborate with the DAA and other stakeholders to explore both business and technical requirements to further support broad implementation of the DNT header.

Over the last eight weeks we’ve heard that the DNT header wasn’t technically feasible, that it would break the web, and that no one would sign up to respect the header. It’s too early to claim victory, as there are many challenges and details yet to be to addressed, but the current momentum and support for DNT, including real-world implementations like the AP’s, certainly suggest that these criticisms may have been too hasty.

We’ll continue working with our users, online advertisers, publishers, developers, consumer groups and policy makers to flesh out DNT implementations and ensure DNT evolves into a meaningful tool for enhancing consumer privacy online. We believe the HTTP header is a constructive approach and one of the many areas we’re exploring to put users in control of their Web experience.

Alex Fowler
[Reposted]

Note: This post is modified from the original one published on the Mozilla blog.
Photo Credit: OlliL

Mozilla’s Comments to the FTC on Privacy

Alex Fowler

Last week we submitted comments to the U.S. Federal Trade Commission in response to their request for comment on a proposal describing a new framework for protecting consumer privacy in both online and offline environments.

The FTC sought input on a broad range of of issues from online privacy protections for children to the blending of distinctions between PII and non-PII. More than 400 comments were submitted from a wide array of interests including  individuals, consumer groups, advocacy coalitions, advertisers, social networks and all kinds of service providers. You can see the complete list here. It’s worth reading a few of these to get a sense of the discourse (i.e., Future of Privacy Forum, Facebook, CDT, and US Chamber of Commerce).

In summary, the Mozilla comments recommended:

  • Expanding the definition of personal information to data that can be reasonably linked to a specific consumer, computer or device. The emergence of browsing history, geolocation, behavioral advertising data, browser fingerprints and the social graph are examples of personal information that warrant additional consideration to prevent unintended secondary uses.
  • Adding industry best practices, standardization and technology tools to Privacy By Design initiatives to help consumers make sense of an array of similar and confusing privacy configurations across the Web.
  • Adoption and creation of a uniform and comprehensive choice mechanism through a new Do Not Track (DNT) HTTP header as part of an evolutionary arc of privacy improvements.
  • Continued FTC leadership to develop consensus on the scope of DNT as it relates to online behavioral advertising and implementation across the online advertising industry.
  • Using contextual notices in conjunction with other enhancements, such as graphical icons, to improve online privacy policies and notices.

We expect the FTC will spend some time evaluating and organizing the feedback they received, and later this year, will issue a follow-up report with suggested next steps. In the meantime, let me know what you think.

Alex Fowler
[Reposted]