Apple has removed Safari support for a technology called Do Not Track because, perversely, it could actually be used to track your online behavior.
The Do Not Track setting in browsers was designed to tell web publishers and advertisers not to track your online behavior. But the effort fizzled as websites largely ignored the setting. And now the mere presence of the option in browsers can help websites identify and therefore profile you through a process called fingerprinting, Apple concluded.
In release notes for Safari 12.1 — available now and built in to the forthcoming iOS 12.2 and MacOS 10.14.4 — Apple said it “removed support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable.”
Fingerprinting tests a browser’s abilities and settings to build a profile of a website visitor. The more settings there are, the more likely your particular configuration can be used to identify you online. Apple and other browser makers are trying to reduce fingerprinting risks.
Even without the fingerprinting problem, Do Not Track is a cautionary tale that shows how hard it is to systematically improve online privacy. Even without the fingerprinting issue, Do Not Track didn’t even work for the most part. That’s why browser makers are, broadly speaking, getting more unilaterally assertive about privacy issues.
Mozilla, Google and Microsoft didn’t comment on their continued use of Do Not Track.
Do Not Track fizzles
The Do Not Track effort began nearly a decade ago, promoted by the Federal Trade Commission and drawing participation from advertisers, web publishers and browser makers. Browser makers trying to advance privacy and our own control of our own data, unsurprisingly, didn’t see eye to eye with advertisers. An effort to resuscitate the Do Not Track standard in 2013 also flopped.
In January, the effort to formalize the Do Not Track technology at the World Wide Web Consortium standards group ended without producing a standard, too. The group tackling the project closed up shop after concluding that Do Not Track “adoption has not proceeded.”
Another problem: Do Not Track raises expectations that the technology simply doesn’t meet, according to survey results that privacy-centric search engine Duck Duck Go published this week. Among those familiar with Do Not Track, 44 percent weren’t aware that websites and advertisers aren’t required to follow it.
“Do Not Track is about as foolproof as putting a sign on your front lawn that says ‘Please, don’t look into my house’ while all of your blinds remain open,” Duck Duck Go said. “In fact, most major tech companies, including Google, Facebook and Twitter, do not respect the Do Not Track setting when you visit and use their sites,” a fact 77 percent of the US adults surveyed didn’t know, the search engine said.
Other privacy efforts in the forefront
Browser makers, meanwhile, are taking matters into their own hands. Apple has built its own technology called Intelligent Tracking Protection into Safari. Startup Brave is even more aggressive, blocking all trackers and offering a super-anonymous Tor-powered privacy option.
Firefox now also has begun cracking down on tracking, too. Browser extensions like Ghostery and uBlock Origin also are in widespread use.
The advertising industry doesn’t like the tracker blocking. But it looks like browser makers are going to expand tracker blocking efforts, not pull back.
Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.
Apple: See what’s up with the tech giant.