Out-Law News | 29 Oct 2012 | 4:20 pm | 3 min. read
Microsoft has announced its intention to introduce 'do not track' (DNT) privacy settings as a default position for users of its imminent new Internet Explorer browser (IE10). The move would mean that users would actively have to alter their settings in order to allow websites and advertising networks to track their online activity in order to serve personalised content based on their browsing history.
The World Wide Web Consortium (W3C), which is responsible for ensuring that web technology is based on an agreed set of technical standards, has been working on developing a new DNT controls system for operation within web browser settings. Yahoo! has been among the organisations to have participated in the negotiations but to-date an agreed DNT standard has yet to be finalised. The W3C has previously said that DNT should not be switched on by default but should require an explicit instruction to begin working.
Yahoo! said that although it supports DNT "in principle" it had chosen to ignore IE10 users' default settings on the basis that it feels the settings reflect the "intent" of Microsoft and not of individuals.
"Unfortunately, because discussions have not yet resulted in a final standard for how to implement DNT, the current DNT signal can easily be abused," Yahoo! said in a policy blog. "Recently, Microsoft unilaterally decided to turn on DNT in Internet Explorer 10 by default, rather than at users’ direction. In our view, this degrades the experience for the majority of users and makes it hard to deliver on our value proposition to them. It basically means that the DNT signal from IE10 doesn’t express user intent."
"Ultimately, we believe that DNT must map to user intent – not to the intent of one browser creator, plug-in writer, or third-party software service. Therefore, although Yahoo! will continue to offer Ad Interest Manager and other tools, we will not recognize IE10’s default DNT signal on Yahoo! properties at this time," it said.
"Yahoo! is committed to working with the World Wide Web Consortium (W3C) to reach a DNT standard that both satisfies user expectations and provides the best Internet experience possible. We will closely evaluate our support for DNT as the industry makes progress in reaching a meaningful, transparent standard to promote choice, reduce signal abuse, and deliver great personalized experiences for our users," the company added.
Yahoo! is not the first body to raise objections to Microsoft's default DNT settings intentions.
Earlier this month the Digital Advertising Alliance (DAA) in the US said that members of the organisations that comprise it will not be considered to be violating self-regulatory rules that govern their online behavioural advertising practices if they simply ignore the DNT settings in IE10. The DAA is made up of a number of ad industry groups, including the Internet Advertising Bureau (IAB) and Direct Marketing Association (DMA).
Microsoft has defended its approach to DNT. It has said that 75% of PC users in Europe and the US want it to turn 'on' DNT. The company said that users can "easily switch" the settings off if they want.
Regulators have been closely monitoring developments with regards to DNT in both the US and EU. The Commissioner responsible for the EU's Digital Agenda, Neelie Kroes, has admitted that the she is "increasingly concerned" about the "delay" in concluding the "standardisation work" for DNT and said that her primary worry was that the developers had been guilty of "watering down" the standard.
Kroes has been seeking a uniform way for web users to opt out of being tracked by 'cookies', but in a speech earlier this month indicated that she is resigned to accepting that organisations currently developing the DNT standards will not deliver that result.
In 2009 the EU's Privacy and Electronic Communications Directive was changed to demand that storing and accessing information on users' computers was only lawful "on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing".
An exception exists where the cookie is "strictly necessary" for the provision of a service "explicitly requested" by the user – so cookies can take a user from a product page to a checkout without the need for consent, for example. The Directive's amendments were introduced into UK law through changes to the UK's Privacy and Electronic Communications (ePrivacy) Regulations, with the Information Commissioner's Office (ICO) tasked with monitoring compliance and enforcement of the rules.