Spy Cookie HTML5 Flash

Microsoft Not Backing Down On IE10 ‘Do Not Track’ By Default

Microsoft still wants DNT by default in IE10 even though it would not comply with the latest proposed specification

On by Thomas Brewster 2

Microsoft is still planning on keeping a ‘Do Not Track’ (DNT) feature as default in Internet Explorer 10, despite reports suggesting it would not be able to do so.

Just last week, Microsoft impressed privacy advocates but infuriated advertisers by announcing it would turn DNT on by default – something that other major browser makers like Google and Mozilla have not ventured to do.

DNT, a specification that will eventually be finalised by the W3C (World Wide Web Consortium), offers users a way of telling those trying to put cookies on their machines that they do not want to be tracked.

But a proposed draft specification for DNT, drawn up by the Electronic Frontier Foundation’s Peter Eckersley, Mozilla’s Tom Lowenthal and Stanford University’s Jonathan Meyer, said DNT should only be switched on by the user, not by the browser maker. If that stipulation, printed by Wired, came into effect in the final specification, IE10 would not be compliant with the official guidelines.

Microsoft responds

Yet Microsoft has said it still wants a privacy setting on by default. “We are engaged with the W3C, as we are with many international standards bodies. While we respect the W3C’s perspective, we believe that a standard should support a privacy by default choice for consumers,” said Brendon Lynch, chief privacy officer from Microsoft.

Microsoft also pointed TechWeekEurope to a W3C-led recap of a meeting in which DNT was discussed, in which participants noted that the specification was only at draft stage and in no way disrupted Microsoft’s plans for DNT by default.

Aleecia McDonald, who works on privacy issues for Mozilla, had to backtrack on a previous statement in which she said, under the current group consensus, IE10 would not comply with W3C’s guidelines. “Microsoft IE, as a general purpose user agent, will not be able to claim compliance with DNT once we have a published W3C Recommendation. As a practical matter they can continue their current default settings, since DNT is a voluntary standard in the first place. But if they claim to comply with the W3C Recommendation and do not, that is a matter the FTC (and others) can enforce,” McDonald said.

In a subsequent email discussion, participant Bjoern Hoehrmann said in response to McDonald’s claims: “There is no basis for claiming that ‘Microsoft IE will not be able to claim compliance’.”

“Bjoern makes a fair point that it will be quite a while before we have a final recommendation with which to comply or not,” McDonald responded.

“Draft texts can change, including through the path of Formal Objections. But at this point in time, I do believe I accurately captured the consensus of the group, with those caveats and process points in place.

“Another very important note: at least one person misread my post as I suggesting I believed Microsoft would eventually claim compliance when they do not comply. That is not at all what I was suggesting. My apologies to anyone who misunderstood me. I was not trying to malign Microsoft here.”

How well do you know web browsers? Try our quiz!

Thomas Brewster
Author: Thomas Brewster
Security Correspondent, TechWeekEurope
Thomas Brewster Thomas Brewster Thomas Brewster
Techweekeurope for mobile devices
Android-App Google Currents App for iOS

Last comment




2 replies to Microsoft Not Backing Down On IE10 ‘Do Not Track’ By Default

  • On June 11, 2012 at 10:16 am by brian m

    Nice to see Microsoft doing the right thing, respecting the privacy of those who are not up to speed on privacy issues and technology.

    If the DNT specification finally says this should be off by default, then that’s like a co-operative of thieves saying doors and windows should not be locked by default!

  • On June 18, 2012 at 1:11 pm by Martin B

    I do not think that likening browser makers to “a co-operative of thieves” is fair just because the DNT is not switched on by default.

    Quoting something above “we believe that a standard should support a privacy by default choice for consumers”. The important word here is choice. Perhaps a clearer solution would be to have a ‘first run’ dialogue that gives the user a choice as to whether to activate DNT or not with some information about the differences. That way the user has a choice and does not have something turned off that they later can’t find how to switch on.

Leave a Reply

  • Required fields are marked *,
    Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>