Editor’s note: Originally appeared on the Bizo blog.
Debates about the Federal Trade Commission’s call for a “Do Not Track” system to protect consumer Internet privacy have been going on for several weeks now. But only in the last few days has the issue become very “real” for many consumers with the development of actual Web browser features purportedly designed to give users more control. While I won’t go into vast detail, it’s worth taking a brief look at how each of the leading browsers are choosing to handle the issue, and the “grades” I believe each should get for their efforts:
Microsoft Internet Explorer 9 – If a user enables “Do Not Track” functionality, the browser will be able to compile and read a list of sites, with which a user can then use to create an “allow” list or a “block” list.
- I give this a B for the concept, an F for laziness in implementation, an F for usability and an F for coordination with the industry.
Google Chrome – Through a “Keep My Opt-Outs” Extension, the Google Chrome browser will allow the user to opt out and “save” these opt-outs even if they later clear their cookies.
- I give this a C for user experience, an F for effort (it broke our test browser), and an F for user-likelihood to implement.
Firefox 4.0 – Mozilla is developing a feature that will allow users to send a request to websites asking them to “Do Not Track” which the website will then have to agree to honor.
- I give this a B for creativity, and a D for being a blunt instrument.
Net results: two thumbs down – none of these are going to work by themselves. To be fair, each company is still in the process of figuring out its strategy here, and the industry still lacks a best practice approach. However, combine all three in the right way, and there may be a wonderful consumer solution that will allow for continued success and innovation in the ad industry.
There are already standards that have been in use by users for a decade to manage bookmarks and browser updates. Let’s use them! As both a consumer and someone from inside the industry, I would like to apply these accepted and well-understood concepts to the privacy problem. Here is my recommendation on how the system would work:
- Browsers would ship with “safe lists” that organizations such as the Network Advertising Initiative (NAI), The Self-Regulatory Program for Online Behavioral Advertising, and other approved organizations would publish. These would be dynamic lists of approved advertising vendors and domains based on their conformance with agreed-upon privacy principles, which browsers would access and update periodically with the standard browser updates.
- This would be the default setting of the browser, similar to how some bookmarks come pre-shipped in today’s browsers. As with bookmark systems, users would be able to add or remove companies from the “safe lists” with a system that they’re already used to. For example, when a user sees the “Forward i” icon that indicates that the ad is being served by a participating behavioral tracking vendor, they can simply hit “remove from safe list” if they do not want that vendor to track them any longer. With just a simple click, the vendor is forever off the “safe list” unless the user decides to bring them back.
- Browsers would block ALL third-party cookies not on the “safe list” which would force vendors to apply to and conform to the standards of the industry.
- Finally, if a user desired, they could reduce the privacy settings to make the browser ignore the “safe list” to accept more tracking and personalized content. They could also go the other direction and “block all” and the browser would additionally send a header request to the site saying “this user does not want to be tracked” to give the site the ability to address the user differently and potentially with different content knowing their preferences.
In this scenario, users are empowered to take control of their online privacy in an easy-to-use, familiar way, and regulatory bodies as well as industry consortiums can help to provide a standardized set of “safe lists,” which users can then ultimately tailor to suit their preferences. Additionally, vendors who would like to use cookies for tracking will be forced to participate in programs in order to be added to the “safe-lists” or they will have significant trouble getting any traction in the market. Finally, for those users who want to be “off the grid” regardless of the loss of user experience, they can still do so.
Regardless of which browser you use and how that company chooses to handle its “do not track” tools, what it comes down to is this – online privacy for consumers can only be safe-guarded through the joint efforts of industry, technology, and the consumers themselves. A browser is the gateway to the Internet, and by taking the steps above, the industry can continue to innovate, personalize and improve the experience of the Web, while giving the consumer full and easy-to-implement privacy controls.