Sunday, January 23, 2011

opting-out of behavioral ads

One of many planned explorations towards a more elegant and privacy-enhancing approach to user choice and control.

I've recently been blogging about online tracking and behavioral advertising, and I think it's time to take the first step towards a solution. Complete solutions to the transparency gap and lack of user-data control are being actively explored and as part of Mozilla's larger aim to improve users' control over their data, we want to take the first step. I'm proposing we implement a HTTP header that Firefox users can elect to send that tells ad networks they don't want to be tracked.

What is tracking in the context of "Do Not Track" for Online Behavioral Ads?

The definition here is hotly debated, but the general consensus seems to include at a minimum:
Tracking is the accumulation and use of a profile by advertising networks through invisible or subtle noting of which sites an individual visits, and the use of the profile data to customize advertisements displayed.

Currently, to opt-out of online behavioral advertisements, you have to get a site to set an "opt-out" cookie so they won't track you. There are various web sites that help out (NAI, IAB UK) and there are Firefox Add-Ons (TACO, beef taco, etc.) that can streamline this process. But this is a bit of a hack: it's nearly impossible to maintain a list of all the sites whose tracking people may want to opt-out from. It would be more attractive if there was one universal "opt-out" signal that would tell all sites you want to opt out.

Bug 628197 calls for the implementation of a HTTP header that is transmitted with every HTTP request that advertises the Firefox user's desire to not be tracked by advertising networks. A checkbox in Firefox's preferences panel could ask if the user wants Firefox to request opt-out from tracking, and when checked the HTTP header "Tracking-Preference: do-not-track" will be sent. This is a similar approach to others that have explored an HTTP header for opt-out (donottrack.us, UBAO), and I agree it's a good step to take.

Servers don't know about this yet, so it won't have immediate effect on tracking, but in the meantime the presence of the header can be observed by web sites (in a similar way to a cookie) to help understand how desired opt-out of OBA is. Once this feature ships in Firefox, it's time for web sites to do the right thing; honor users' choice when they receive Do Not Track HTTP headers and opt-out these users from tracking.

Mike Hanson has also been thinking about this for a while. He's written a good analysis of problems surrounding online tracking, including a survey of some approaches we could take. An HTTP header that expresses a user's desire to opt-out seems to be the most productive step we can take that doesn't shut off important and innovative bits of the web that fund many of the services and content we make use of in our daily lives.

Do Not Track HTTP headers for behavioral advertising are only one piece of the data choice and control puzzle.

Improving transparency into online data collection and sharing practices is another step that we think will help set peoples' minds at ease. Additionally, we're still working on other technology at Mozilla to improve people's control over how they're tracked online -- features that aim to give people a deeper understanding of how tracking happens, and the ability to shut it down when the Do Not Track request isn't honored. In concert, I hope the HTTP header and future efforts will help people regain transparency and control over how they're profiled or tracked online.

EDIT: Test builds of Firefox are available here if you want to try out my initially proposed implementation. Of course it will change before we ship, but these builds provide a proof of concept.

EDIT: The newest Firefox 4.0 beta has the initial implementation in it. Download the beta if you'd like to try it out!

42 comments:

Giorgio Maone said...

Why inventing yet another header ("X-Tracking-Choice") rather than reusing the "X-Do-Not-Track" proposal, which is already implemented in NoScript and Adblock Plus, and also endorsed by yourself?

Stuart said...

I don't quite understand what this buys us that per-site cookie blocking - already implemented in Mozilla since the days before Firefox was a Phoenix-named blink in someone's eye - doesn't.

On the other hand, UI of per-site cookie blocking UI doesn't seem to have had had any work done on it since the days before Firefox was a Phoenix-named blink in someone's eye either. Some things you might want to do with it are a pain in the neck - try unblocking ebay after you've blocked it, or making any choice stick for tubemogul or disqus.

And I imagine the whole thing only goes so far in a world of Flash cookies and DOM Storage APIs and evercookie.

If Mozilla is going to take do-not-track preferences seriously, surely some work on the do-not-track capability it already has is called for too?

Julian Reschke said...

This header *really* should not have an "X-" prefix, and potentially be
discussed in the IETF websec Working Group.

jmdesp said...

Mozilla belongs to those who use it. An extension to make per-site cookie blocking easier is definitively something that would not be very hard to put in place, and would be a great base to then push to get it included inside the base functionalities.

Also DOM storage does not allow a different site to get the data that has been stored. So it's not a major vector for tracking, at least not without some fairly sophisticated work around that protection that could then easily be extended to allow you to track someone even without any storage.

Sid Stamm said...

@Georgio/3:06A: In my eyes, UBAO was a proof of concept, not a final recommendation -- and a long time ago at that (last real code change was July 2009). I didn't put much thought into the design of the headers. X-Do-Not-Track is specifically an opt-out, and I'd love to see tracking become an opt-in type of thing; if we have a choice header that allows opt-in *or* opt-out, this is easier to accommodate in the future.

@Stuart/6:37A: This buys us two things over cookie blocking: (1) ad networks will know *why* they're not getting cookies and have an opportunity to adjust, and (2) tracking isn't limited only to cookies, and this transcends that.

@Julian/7:56A: Yeah, agreed. I left the X- off in the patch, and we're considering writing an i-d to bring it up with the IETF.

@jmdesp/9:58A: This isn't the end-game! We're working on some new ideas we have for client-side data controls that are functional and intuitive, but they're still young ideas and not ready for prime time.

Chad said...

I like and understand the idea. Also, it an interesting idea to be able to discern when sites are not honoring the DoNotTrack header. Any more insight how Firefox is going to be able to track and report cross browser data sharing. The issue I am not seeing discussed anywhere - is how do these sites that currently support themselves from ads dollars continue to stay online when everyone opts out of ads? Personally, I am cool with paying for some of the services I get for free right now... but do most users?

Sid Stamm said...

@Chad: To be clear, this feature should not opt you out of ads, just cross-site tracking. You'll still see ads, the ad networks are simply being asked to stop recording what sites you visit.

karl said...

I'm split in between the good and evil of "do not track" headers. It is similar to the now useless robots.txt for blocking user agents.

Basically good sites might implement it, but bad sites will continue their tracking behavior, without counting the other sources of tracking.

I usually prefer the silent mechanism than the broadcasting one. That said, there could be a benefit if the movement is really wide and makes it a large trend. It would have statistical significance.

What about adding the Do Not Track when cookies are blocked for a domain?

blog said...

Another "X-" prefix that we will never get rid of...

Anonymous said...

Apple's Safari browser blocks third-party tracking cookies by default. How come Firefox doesn't include this same feature?

The proposed X-Tracking-Choice feature requires the cooperation of the ad networks. However blocking third-party cookies does not.

M said...

I like the idea of an HTTP header, but I'm with Giorgio Maone on this one. Inventing one more header is not going to be useful.

You say that you want to indicate opt-in and opt-out and thus want to have that flagged in the header. But with the X-Do-Not-Track header, the mere absence of it signifies that it's an opt in. For the end user, the UI is just a checkbox, while the innards of the browser handles the details.

Reinventing another header when prominent developers like Adblock Plus and NoScript have implemented a previously discussed and agreed one will only make things more complex for the website developers. Those who intend to comply will have to deal with X-Do-Not-Track as well as X-Tracking-Choice. Why make things so complex and continue driving the implementation divide (as has been happening with a lot of standards and implementations)?

The other way around is make your argument so compelling that Adblock Plus, NoScript and others adopt your proposed header and drop the X-Do-Not-Track header.

Make everybody's lives simpler please!

Anonymous said...

Opt-in additionally to opt-out? So this will go in the direction of P3P?

Terry said...

X-Do-Not-Track header. Completely pointless. Save your energy and save us. Use ad block or allow.

Gabbianone94 said...

Shouldn't this feature be enabled by default when using private mode (aka incognito mode)?

Anonymous said...

You really have to be a geek to understand what you people are talking about when "opting out" of tracking would be very useful to the everyday Internet user too.
When all this tech jargon can be put in language we all can understand, I am quite sure that most of us would like to opt-out of be tracked by cookies.
Please make the announcement when this happens in very clear and simple language for the rest of us.

Tom said...

I love the way Mozilla downloads a new version of Firefox to my computer and proudly announces this feature on a full-screen display - then does not tell me how to enable it, not even here on this page to which I am directed when I click on "Learn more".

Come on, Mozilla, please start considering the vast majority of your users who are not experts.

mz1010101 said...

web content is not free. advertising helps support and pay for the media you are consuming.

by opting out of technologies that are safe and anonymous and help websites get higher payouts from advertisers you are hurting site owners/content creators.

you are going to see the same number of ads despite your decision to "opt out" but the quality of the ads you see may diminish and change. less targeting leads to lower quality and more aggressive ads.

Like it or not, advertising pays for "free" content and in the least you should learn more about cookies and how they work and affect the web ecosystem.

Anonymous said...

Help! I have Minefield 4.0 b12pre and cannot find the Do not track option. How do I enable it?

Can it be found in adbout:config? Because it definitely isn't in the Preferences window (not even the advanced tab).

Anonymous said...

Did any of the ad networks sign up for respecting this? Otherwise it's probably just cluttering the browser (and network..) with an option that won't do anything?

I'd probably find it more useful to be able to set 3-rd party cookie options separately (wipe when closing browser, but keep 1st party cookies). Even IE, as much as I hate it, has this..

And shouldn't the option be under Privacy instead of Advanced?

Anonymous said...

This will only "protect" you from the good ad guys, bad ad guys can just ignore the header and track you anyway.

Strong 3rd-party cookie options would probably be more useful.

Stephan Pretorius said...

I think the way you have positioned this to consumers on the Firefox4 upgrade page is quite misleading. You can't really actively opt out of tracking with this new feature, you can only request to opt-out. All you are now going to get is a large number of everyday web users who think they've opted out of tracking when in fact they haven't. For this reason I would agree with @Stuart that improvements on the per-site cookie blocking UI would be far more productive.

Separately, I think the definition of Do Not Track as being limited to site visits across sites by ad networks completely misses the mark in terms of what is really going on with customer data today. First party tracking, data appending and remarketing would all be allowed in terms of this definition, yet, from a consumer perspective I'd bet my bottom dollar most consumers would consider these practices as being "tracking" and would expect a DNT feature in their browser to prevent that from happening.

@Sid: am I missing the point?

Sid Stamm said...

@mz1010101: Yes, we in no way aim to disable ads. Many ad networks offer tracking opt-out already, and we just want to make users' expression of desire to get out of tracking a uniform expression and not based on 100s of opt-out cookies.

@Anonymous/5:28am: Right, the header approach only helps with the fair players. The fair players, however, have a very large majority of the market so they are an important segment. I agree that we need to do more to address the unfair players (and we will), but there's no reason we can't play nice with the fair players first.

Anonymous said...

Those concerned about privacy should also be aware of browser footprinting techniques, that can uniquely identify visitors of a site without the need for cookies.

Sid Stamm said...

@Stephan Pretorius:
We've written the UI to say "Tell sites" not, "opt-out". Thanks for the feedback, though, and we'll see if we can't be clearer when we release the final version of the product (remember, you're using a Beta).

I agree with you that limiting the definition is not the right approach, but perhaps I wasn't clear enough. We believe tracking is at least cross-site tracking from ad networks. There is more to the picture, but the public discourse surrounding opt-out for ad networks is more advanced than the rest of the tracking discussion, so we want to make sure to address that piece first.

Cameron Hulett said...

What this needs is some control over the different ways the user will want to control how they are tracked. For example one could block 3rd party cookies but not first party cookies. Or one could allow page to page tracking, but not global site tracking.

Mike said...

huh? Im not a techy. Just tell me if I need to change anything in my settings to block the tracking

Anonymous said...

I have absolutely NO idea what
your talking about!!!!

Rooker said...

Why is feature located in Options > Advanced rather than Options > Privacy where it belongs?

Anonymous said...

Aside from the tech aspects, How about a simple indicator that one is being tracked? This would help those desiring privacy to identify immediately any site ignoring a request and thus allowing market share to dictate and encourage site opt-in to the scheme. This should be implementable irrespective of the header sent.
The URL colour identification has been invaluable and greatly affects the sites I and my colleagues visit.

newyuppie said...

Why would we want to opt-in? I want to have this setting "on" by default! Isn't this obvious enough??

Sierra said...

You are a extreme geek boy but that's OK its cool.

Anonymous said...

I think there should be an option in Firefox to visually display to a user whether or not the site they're visiting tracks them. Something like Green background on URL if the site does not track, Red background on the URL if the site does track. This allows the user to easily distinguish between sites which do and don't track. If the URL is red the user can choose to no longer visit that site and it gives an additional incentive to the site to not track the user.

Nimitz1061 said...

While we're at this, why not give it some teeth. Create a mechanism by which we can CHARGE networks for gathering our data and lobby to make it law..

Anonymous said...

I like the red background and green background idea also.
sincerely,
a different anonymous than the one who originally posted the idea.

Anonymous said...

My concern with opting-out of behavioral ads would be that
certain websites may not function
because they use the ads to
fund their sites.
However, the thought is worth continual studies.

Sid Stamm said...

@Anonymous/8:50am: your concern is warranted, however our DNT header approach is intended to allow privacy preserving advertisements, and only opt you out of those that invade your privacy. We don't at all intend to block ads, but rather let the ad networks know you don't want to be tracked. They can still show you ads chosen anonymously.

Anonymous said...

Why is the default do-not-track option off in firefox 4, while it is obvious that a huge majority of users would want this on if they knew about the privacy invasion this represents ?

Let me guess... This way, a large number of users not well informed about the way their privacy is violated by companies like google, will never even know that this option exist, and will still be tracked even if a law is passed some day. Better : without even knowing, they will explicitely declare something like "it's ok track me" to those greedy privacy invading companies. Thanks Mozilla.

Now a coincidence : Mozilla receive a huge amount of money from google, and google makes huge amount of money from privacy invading user tracking.
Everything sounds logical here. General interest does not matter.

Sid Stamm said...

@Anonymous/3:39pm:
The DNT header is off by default in Firefox 4 because it doesn't mean anything to web sites if we make the decision for the user.

If it is a feature you have to seek out and enable, it is a stronger signal that clearly states user intent and not Mozilla's intent. Turning it on by default is just like declaring "Firefox 4 users don't want tracking" and expecting sites to stop tracking for all Firefox 4 users. (I doubt they'd listen to that request.)

God Is Dead? said...

Quoth mz1010101 who said said...

web content is not free. advertising helps support and pay for the media you are consuming.

by opting out of technologies that are safe and anonymous and help websites get higher payouts from advertisers you are hurting site owners/content creators.
-------------------------------
Gee, whatever did we do without the advertisers in the bad ol' days of the interwebs?

Seriously, why not think of a different paradigm for internet, instead of this incessant opt-in/opt-out of advertising tracking?

We have some of the brightest minds in the world, yet we continue down this hopeless road?

Start cracking those minds open boys and girls. You can do better. Think like Marc Andreesen would, or Steve Jobs.

Anonymous said...

I'm reminded of RFC3514 which defined the "Evil Bit".

ankhorite said...

AGH! For those who came here hoping for some guidance on how to actually USE this feature, look for it in

Tools --> Options --> Advanced

(Though why they put it in Advanced instead of Privacy is a good question).

Firefox gave me a big screen bragging about this development -- without saying how it could be activated. AGGHHH!

Sid Stamm said...

@ankhorite: We're moving it in Firefox 5. it will be on the top of the "Privacy" tab of options instead of buried in "Advanced/General". (https://bugzilla.mozilla.org/show_bug.cgi?id=645063)