Skip to main content

W3C to consider Microsoft’s “do not track” proposal for standard

Image used with permission by copyright holder

The World Wide Web Consortium (W3C) has accepted Microsoft’s submission of the “do not track” technology the company developed for Internet Explorer 9 for consideration as a possible Internet standard. The technology basically operates via “Tracking Protection Lists” that can be published by any number of providers. If Web users like the thought behind a particular list, they can subscribe to it and have the the sites and services specified in the Tracking Protection List automatically blocked as users browse the Web normally.

“The privacy concerns from consumers and academics and governments world-wide have both technical and non-technical aspects,” Microsoft’s Dean Hachamovitch wrote in its official Internet Explorer blog. “Addressing these concerns will involve technology. The W3C’s involvement provides the best forum possible for that technology discussion. Just as the community has worked together at the W3C on interoperable HTML5, we can now work together on an interoperable (or universal, to use the FTC privacy report’s term) way to help protect consumers’ privacy.”

Online tracking sites and services have come under increasing scrutiny from consumer advocates and government policy makers. Tracking services collect information about the sites users visit, what they search for, and even where they click in some sites in order to gather more insights into the users’ behaviors and preferences. This data is then sold to marketers or directly used to target advertising that may be more tailored to a users’ interests. However, while marketers claim many consumers find targeted ads make their online experience more relevant, the privacy concerns can be significant: for instance, consumers might be deeply troubled if they knew marketers were trading information about time users spent online researching a medical condition.

“The proposal with the W3C is a significant step toward enabling an industry standard way for Web sites to (1) detect when consumers express their intent not to be tracked, and (2) help protect themselves from sites that do not respect that intent,” Hachamovitch wrote.

Microsoft’s proposed standard is opt-in: sites would have to voluntarily check for page properties or headers indicating a particular user did not want to have their activity track, and then put mechanisms in place to ensure tracking information was not collected or passed along to third parties. The proposed standard just deals with technological ways of handling tracking preferences; it does not propose any enforcement or compliance monitoring solutions: technically, sites could claim to honor do-not-track preferences and collect tracking information anyway.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more