Should people be able to demand that websites 'Do Not Track' them?

Tiny files called cookies can allow advertisers and even law enforcement officials to track what websites people visit. But negotiations to adopt a universal feature to prevent web tracking has been contentious, leading a group of lawmakers to step in.

The website of the U.S. Central Intelligence Agency (CIA) was unresponsive and unavailable after reports that it had been hacked in June 2011. Adopting a universal feature on all web browsers that would prevent web tracking by law enforcement agencies and advertisers called "Do Not Track" has remained in limbo since being proposed by the Federal Trade Commission in 2010.

Jim Bourg/Reuters file

October 9, 2015

For most web users, the tiny files called cookies, which collect bits of information about a person’s web browsing, mostly go unnoticed.

But they have a surprisingly large influence over how people experience the Web. They can control banner ads and popups, affect which products show up in online advertisements, and even determine what results come up first in online searches.

Cookies are at the center of a battle that has been raging for five years over the so-called “do not track” feature in many Web browsers, which aims to prevent mass harvesting of information about a user’s online habits, particularly when such information is collected without that person’s consent.

Why Florida and almost half of US states are enshrining a right to hunt and fish

A universal do-not-track feature has been advocated by privacy groups after being introduced by the Federal Trade Commission in 2010. But the World-Wide Web Consortium (W3C) – composed of software companies, academics, privacy groups, and others who determine international Web-browsing standards – has long struggled to develop a unified approach for the feature.

The somewhat-arcane debate over Internet tracking has mostly simmered quietly, but now some lawmakers are arguing that a working group the consortium set up to develop the standard has become overly influenced by tech industry concerns, putting those interests ahead of protecting consumers from the possibility of privacy invasion. The group is currently chaired by representatives from Adobe and Intel.

“Unfortunately, the group’s composition no longer reflects the broad range of interests and perspectives needed to develop a strong privacy standard,” Sen. Edward Markey (D) of Massachusetts, Sen. Al Franken (D) of Minnesota, and Rep. Joe Barton (R) of Texas wrote in a letter on Wednesday to the consortium. “The ‘Do Not Track’ standard should empower consumers to stop unwanted collection and use of their personal data. At the same time, the standard should not permit certain companies to evade important consumer protections and engage in anticompetitive practices."

A small number of companies and advertisers, including Pinterest and Twitter, have pledged to honor a user’s choice to select do not track in his or her browser. But because cookies are often collected in the background, even if a site adopts the policy, it cannot guarantee that a so-called third party advertiser or social media company that posts content on the site will also honor that commitment, the lawmakers say.

It’s an argument that has been raised by privacy groups, particularly the Electronic Frontier Foundation, which is involved with the consortium and released its own do-not-track proposal in August, along with software called Privacy Badger that is designed to stop third-party tracking.

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

“We believe that any plausible Do Not Track policy *must* offer users more concrete guarantees about the circumstances under which their reading habits will be collected, retained, or shared by various parties,” Peter Eckersley, EFF’s chief computer scientist wrote in an e-mail to the group on Wednesday.

Tracking is a particular concern for advertisers, who use the information collected from many users’ browsing histories to design so-called behavioral ads that change depending on what sites a user visits.

The debate has been long-running, and negotiations have broken down several times. In 2010, Congress held hearings on Internet tracking, responding to media reports that the country’s top 50 websites were installing 64 pieces of tracking technology on the computers of people who visited them, the Christian Science Monitor’s Mark Clayton reported in 2013.

The tracking information is also a boon to law enforcement agencies, one expert told the Monitor.

"Law enforcement loves Facebook, Google, and all this tracking because any facts obtained by by business can later be subpoenaed by law enforcement,” Chris Hoofnagle, a lecturer-in-residence at the University of California’s Berkeley Center for Law and Technology says. “...The idea is: If you [the consumer] are willing to let Google track you, how can you object to law enforcement tracking you and accessing that data as well?”

The advertisers’ stance alarmed the FTC, which regulates anti-competitive practices in the US. In 2013, FTC Chairwoman Edith Ramirez even employed a slew of Shakespearean references to explain the regulators’ strong advocacy of do not track before the country’s oldest trade group of advertisers. Referring to the famous “what’s in a name” soliloquy from "Romeo and Juliet," she told the American Advertising Federation: “At the FTC, we don’t mind what you call that rose, as long as you use easy-to-find, easy-to-understand disclosures to document claims and provide essential information about its sweet smell.”

With this latest round of advocacy, Sen. Markey, Sen. Franken, and Rep. Barton say they would like to see do-not-track become a default feature enabled on all browsers. But they add that they’re not in favor of restricting online competition, just maintaining adequate privacy protections.