CookieLaw Blog November 16, 2011

W3C Do Not Track Draft Standard and the Cookie Law

Do Not Track (DNT) is a browser based mechanism designed to enable a web user to communicate their privacy wishes to a website, with the idea that the website will then be able to respond in a way that respects that wish.

Firefox was the first major browser to create a DNT function, but their competitors have responded with their own similar, yet different, versions.

Now the World Wide Web Consortium (W3C), the main standards setting body for web technologies is working on producing a standard that aims to define what DNT means, how it is communicated, and what the website response should be to the request in order to qualify as respecting it.

Their draft specifications can be found here: Tracking Preference Expression and Tracking Compliance and Scope

A quick look through these will demonstrate just how many issues and questions need to be resolved before these documents can be finalised.

The intention behind DNT is to give consumers a mechanism to stop advertising networks tracking them across websites – tracking which enables the networks to deliver behavioural advertising to users.

Providing users with this kind of functionality is definitely to be applauded, but it is important to note that it is a long way from being a solution to enable websites to comply with the cookie law.

Firstly, switching on DNT does not stop a website from placing cookies in a browser – unless the website recognises the DNT request and blocks the cookies in accordance with that request.

Secondly, DNT is an ‘opt-out’ function, not a consent based approach.  Just because people don’t use DNT to say ‘no’ to cookies, it cannot be assumed that are saying ‘yes’. Firefox have made it clear in their privacy blog that the default position when the browser is installed is to have DNT switched off. 

The fact that a visitors’ browser has DNT switched off cannot be assumed by a website to have been a conscious choice to allow cookies.  It is just as likely to be an indication that they don’t know how to change their settings.

It may be that one day the communication mechanisms between a website and browser will be sophisticated enough for people to be able to use them to indicate their consent or otherwise for the use of their data.  DNT is a first step in that direction.  However, for the time being it does not look like it will be much more than that, and it will certainly not enable website owners to do nothing to become compliant with the cookie law.

Recent Posts

January 13, 2017
Future of EU Cookie Compliance Webinar: ...

GDPR and now the proposed E-Privacy Regulation mean a stricter regime for cookie compliance, web governance and use of online tracking technologies. Join p...

View Article
Recent blog thumbnail
December 14, 2016
Draft EU ePrivacy Regulation Leaked...

A draft of the proposed legislation to replace the outdated EU ePrivacy Directive was leaked on the (PDF) website this week. The proposal is fo...

View Article
Recent blog thumbnail
November 3, 2016
GDPR Compliance Means Cookie Notices Mus...

Are you one of those people that ticked the cookie law box ages ago and not thought about it since? Well the game has changed and now is the time to re-vis...

View Article
Recent blog thumbnail
September 21, 2016
Optanon Acquired by OneTrust...

We are pleased to announce that Optanon, along with parent company Governor Technology, has been acquired by OneTrust....

View Article

Be in the Know

Subscribe to our newsletter

Onetrust All Rights Reserved