This week in panospace

DNT Stands for “DO NOT TRACK”

Do Not Track is a simple way for web users to express that they do not want to be tracked.  It is available in most modern browser.  It has been around for four years, and yet the majority of website publishers do not seem to honour it.  RequestPolicy and NoScript keep warning me about web pages that attempt to instruct my web browser to pull in third party content, often from notorious data miners whose sole purpose is to track users.  Few website publisher are mindful of the explicit user request.  One such example is the FreeBSD website: if the Do Not Track preference is set in the browser, it does not send instructions to include Google Analytics.  How difficult is it for other websites to honour the user’s request?  Very easy, as it turns out.  For example, using standard Apache Server Side Includes:

<!--#if expr='!${HTTP_DNT}' -->
<!--#endif -->

The above code will show the third party requested elements only if the user consent to it.  Ignore the user’s express wish not to be tracked and you may be exposing yourself to legal liability.  Web publishers have been warned.