[tor-bugs] #5501 [TorBrowserButton]: enable Do-Not-Track DNT by default

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Mar 29 01:16:56 UTC 2012 

#5501: enable Do-Not-Track DNT by default
------------------------------+---------------------------------------------
 Reporter:  cypherpunks       |          Owner:  mikeperry
     Type:  enhancement       |         Status:  new      
 Priority:  normal            |      Milestone:           
Component:  TorBrowserButton  |        Version:           
 Keywords:                    |         Parent:           
   Points:                    |   Actualpoints:           
------------------------------+---------------------------------------------

Comment(by cypherpunks):

 Replying to [comment:1 mikeperry]:
 > Alright, Mr/Ms/Mrs. Flamebait McTroll, I'm putting my h8r hat on..
 You've been warned.

 I am not a hater. This is not so fatal. You turn it on or not. No matter.
 I continue to use your browser.

 > DNT is not just a statement. It's a regulatory nightmare waiting to
 happen, and what it means depends upon user behavior, website features,
 and a whole lot of site-specific user consent.
 >
 > For example, as a site operator, what the hell does DNT mean if a user
 logs into your site? You have to track them minimally, if only to provide
 functionality and security...

 For example, for google mail it would mean: "Do not scan their mails. Do
 not offer personalized advertisements. Use generic advertisements.".

 > If we can't solve privacy preferences with technological solutions that
 prevent data disclosure in the first place, we're not trying hard enough.

 We try the technological and the political way at the same time. DNT is a
 political statement.

 Replying to [comment:2 mikeperry]:
 > That said, I am all about stopgaps. If you can convince me DNT actually
 makes practical difference, we'll think about turning it on.

 Right now it's too new. It doesn't make a difference right now. It's a
 signal. Not using the signal is like not going to election, "my voice is
 insignificant".

 While normal users turning on DNT can be tracked even better due to DNT,
 Tor is significant and can send a signal (all Tor users share it).

 > Who cares? What can this thing actually mean in any practical sense? If
 I log into facebook/gmail and send a bunch of messages to all of my
 friends' public walls/email lists with DNT set, what does that mean?

 For facebook it means similar "Do not scan my messages. No personalized
 ads."

 > In the worst case it means facebook/gmail says "Sorry, you can't do
 that, you don't want to be tracked." Then the user is forced to disable
 the header globally (and incur the fingerprinting penalty globally), just
 to use a site-specific service.

 That is great! Imagine all the protests, people quitting facebook and
 facebook offering better privacy, less tracking.

 And if something like that ever happens and it worsens the user
 experience, you can deactivate DNT in a further release. Releases are
 quite frequently anyway. And also this would be actually good press. "DNT
 failed. Torproject decided to disable DNT because too many websites
 rejected users who have DNT enabled. Privacy, what's that anyway? The
 thing they cared about in the 19th century? Self regulation failed.
 Stronger privacy laws needed."

 > Moreover, what would the header buy us that
 https://www.torproject.org/projects/torbrowser/design/#DesignRequirements
 doesn't cover?

 It adds and political statement, which is more likely to be counted, than
 counting how many people have Tor IP's.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5501#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list