Do Not Track Roundup


  • A lot of the reportage here is from NYT.
  • Even the copy-pasters in the blogosphere are using NYT material directly.


Who & What

  • Abine
  • AdBlock Plus
  • Adobe Flash Player with local storage objects (LSO)
  • Dan Auerbach; staff technologist; Electronic Frontier Foundation
  • Mary Ellen Callahan; a partner at Jenner & Block; former Chief Privacy Officer for the Department of Homeland Security.
  • Children’s Online Privacy Protection Act
  • Brian Kennish; Disconnect; ex-Google
  • Google DoubleClick
  • Electronic Frontier Foundation
  • Erin Egan; Chief Privacy Officer, Facebook.
  • Brendan Eich; founder, Mozilla
  • Keith Enright; Chief Privacy Officer, Google.
  • Roy Fielding; Adobe, also Apache
  • Alex Fowler; Chief Privacy Officer, Mozilla.
  • Hunton & Williams, NY.
  • Stuart Ingis; a lawyer for the Digital Advertising Alliance,
  • Samy Kamkar; of the Supercookie
  • Fatemeh Khatibloo; analyst, Forrester
  • Jon Leibowitz; chairman, F.T.C.
  • Bob Liodice; CEO of ANA
  • Brendon Lynch; Chief Privacy Officer, Microsoft
  • Jonathan Mayer; advocate, student, Stanford
  • Moms With Apps
  • Arvind Narayanan; and Vitaly Shmatikov.
  • Path; an app; spanked for u13 violations by the FTC; statement
  • Paul Ohm; professor (of law); Boulder CO?
  • Online Behavioral Advertising, or OBA.
  • Jules Polonetsky; founder, Future of Privacy Forum.
  • Privacy by Design
  • Peter Swire; law prof?; chair, DNT WG at W3C
  • Morgan Reed; executive director, Association for Competitive Technology, a trade group representing app developers.
  • Joel R. Reidenberg; professor, Center on Law and Information Policy, Fordham Law School
  • Senator John D. Rockefeller IV; VA-D.
  • Lisa J. Sotto; managing partner of Hunton & Williams, NY.
  • David C. Vladeck; professor; Georgetown Law; through 2013-01, director of the Bureau of Consumer Protection at the F.T.C.
  • Vitaly Shmatikov; and Arvind Narayanan
  • Wave Systems, product Scrambls
  • Worldwide Web Consortium (W3C)
  • W3C Tracking Protection Working Group
  • Mike Zaneis; general counsel, IAB.


Archaeological order, as usual

  • ; Why Do Not Track faces an uphill road; In Fortune; 2013-03-04.
    Teaser: ‘Do Not Track’ sounds a lot like ‘Do Not Call.’ But unlike telemarketing, online ad-tracking takes place unobtrusively, behind the scenes.
  • ; Web Privacy Becomes a Business Imperative; In The New York Times (NYT); 2013-03-02.
  • Do-Not-Track Online Act of 2013; Senators Rockefeller & Blumenthal; the bill itself. 12 pages.
  • Brendan Sasso; Rockefeller introduces bill to limit online tracking; In Hillicon Valley; 2013-02-28.

  • Natasha Singer; Senator Seeks More Data Rights for Online Consumers; In The New York Times (NYT); 2013-02-28.
  • ; In the Tracking Wars, It’s Browser Makers vs. Advertisers; In The New York Times (NYT); 2013-02-25.
  • Peter Swire (W3C); Full Steam On Do Not Track; In Their Blog; 2013-02-13.
    Statement: standard by 2013-Q3 (summer).

    1. Create a standard through the W3C.
    2. Be consistent with the group’s charter.
    3. Make a change from the status quo.
    4. Justify why a user’s choice of DNT reduces tracking for participating web sites.
    5. Drive adoption of the final standard.
  • Mobile Privacy Disclosures: Building Trust Through Transparency; Federal Trade Commission (FTC); 2013-02-01.

  • DAA Statement on DNT Browser Settings; press release; 2012-10-09.

    • The DAA is a consortium of, among others:
      • American Association of Advertising Agencies (4A’s)
      • the American Advertising Federation (AAF)
      • the Association of National Advertisers (ANA)
      • the Direct Marketing Association (DMA)
      • the Interactive Advertising Bureau (IAB)
      • the Network Advertising Initiative (NAI)
    • Locations
    • The DAA Principles
      • Self-Regulatory Principles for Online Behavioral Advertising
      • Self-Regulatory Principles for Multi-Site Data.
    • Quotes:
      • <quote>The trade associations that lead the DAA do not believe that Microsoft’s IE10 browser settings are an appropriate standard for providing consumer choice. Machine-driven do not track does not represent user choice; it represents browser-manufacturer choice. Allowing browser manufacturers to determine the kinds of information users receive could negatively impact the vast consumer benefits and Internet experiences delivered by DAA participants and millions of other Web sites that consumers value. In addition, standards that are different than the consensus-based DAA Principles could confuse consumers and be difficult to implement. A “default on” do-not-track mechanism offers consumers and businesses inconsistencies and confusion instead of comfort and security.</quote>
      • <quote>The DAA Principles, self-regulatory program, and consumer choice tool is the only mechanism in the marketplace that truly provides consumers with clear transparency, choice, and meaning about how their data will and will not be used. For these reasons, the DAA’s constituent trade associations continue to support these efforts by the DAA.</quote>
  • Microsoft turns on ‘do not track’ by default in IE10; In CNN Money; 2012-06-01.
  • Jeff Blagdon; ‘Do Not Track’ Explained; In The Verge; 2012-10-12.
    Summary: historical survey

    • Lots of pointers to previous articles in The Verge
  • Christopher Soghoian; The History of the Do Not Track Header; In His Blog; 2011-01-21.
  • Paul Ohm; Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization; In UCLA Law Review; Vol. 57, No. 1701; 2010.
  • Philippe Golle; Revisiting the Uniqueness of Simple Demographics in the US Population; In Proceedings of WPES; 2006-10-30.
    Abstract-of-Abstract: The results generally agree with
    the findings of [10], although we find that disclosing one’s gender, ZIP code and full date of birth allows for unique identification of fewer individuals (63% of the US population) than reported previously.

    • L. Sweeney; “Uniqueness of Simple Demographics in
      the U.S. Population”; In Proceedings of LIDAPWP4; Available from Carnegie Mellon University, Laboratory for International Data Privacy; Pittsburgh, PA; 2000.
  • Arvind Narayanan and Vitaly Shmatikov; Robust De-anonymization of Large Sparse Datasets; 2008.
    Abstract-of-Abstract: We apply our de-anonymization methodology to the Netflix Prize dataset, which contains anonymous movie ratings of 500,000 subscribers of Netflix, the world’s largest online movie rental service. We demonstrate that an adversary who knows only a little bit about an individual subscriber can easily identify this subscriber’s record in the dataset. Using the Internet Movie Database as the source of background knowledge, we successfully identified the Netflix records of known users, uncovering their apparent political preferences and other potentially sensitive information.
  • Center for Democracy & Technology (CDT); Consumer Protection from Behavioral Advertising; 7 pages; 2007-10-31; Submitted to: Donald S. Clark; Secretary, Federal Trade Commission; In advance of the FTC Town Hall, “Behavioral Advertising: Tracking, Targeting, and Technology,” 2007-11-01 & 02 in Washington, D.C.

Comments are closed.