Collusion for Firefox…

Collusion for Firefox is a browser add-on that, quote:

“Collusion is an experimental add-on for Firefox that allows you to see which sites are using third-party cookies to track your movements across the Web. It shows, in real time, how that data creates a spider-web of interaction between companies and other trackers.”

Firefox plugin

Currently the add-on somewhat informative and displays a visual presentation of tracking sites, see image on the left.

The final version of Collusion will add capabilities for blocking cookies for any node in the graph. It is somewhat interesting to see the companies tracking your Internet activities, and how your activities might be shared between these companies.

The better option is to collectively block tracking altogether by other add-ons, such as DNT+, Ghostery, No-Scripts, etc. DNT+ supports most browsers, except Opera, and Ghostery supports all browsers. The No-Scripts add-ons is available for Firefox only.

If tracking your Internet activity is a concern of yours, you do not need to wait for the final version of Collusion. Other add-ons are available now and do a good job at disabling of your Internet activities tracking.

W3C DNT Draft..

Do Not Track, or DNT, is a W3C proposed HTTP header field standard that request the web server, well, not to monitor end-user Internet activity. The DNT header field standard defines three values:

    1. Value not set: Default setting for browser installation, HTTP DNT header not sent, tracking allowed.
    2. Value set to zero (0): End user explicitly opts-in, HTTP DNT header not sent, tracking allowed.
    3. Value set to one (1): End-user explicitly opts-out, HTTP DNT header sent, tracking is disabled.

In practice, the web server reads the DNT header value, if present, and enables/disables tracking of the individual accessing the website. The DNT standard has not been finalized and honoring the DNT settings is voluntary at the time of writing. As such, users are not guaranteed privacy since advertisers are not legally required to comply with the DNT request and many don’t. Even compliance to DNT standard does not guarantee privacy for the end user; the websites will be allowed to track visitors for “research purposes”, regardless of the DNT setting, after the standard had been finalized.

The draft W3C DNT standard is in line with US privacy laws, where “explicit opt-out” required for individuals to protect their privacy. The privacy laws in Europa point to “explicit opt-in” that contradicts the proposed DNT standard. Quote from the W3C DNT standard draft:

An ordinary user agent MUST NOT send a Tracking Preference signal without a user’s explicit consent.

The draft seemingly complies with both the US and European requirements; however, that is certainly not case. If the user agent is not configured, default installation requirement for the browser, tracking is enabled. The explicit opt-in setting is the same as the default installation, no HTTP DNT header is sent and tracking enabled.

Most of the people accessing the Internet do not know about the privacy risk posed by tracking their activity on the web. For that matter, most of them don’t even know about advertisers tracking them. Those people will not “bother” changing the browsers’ default settings either, due to their limited knowledge of the browsers’ settings.

Ignorance is a bliss and loved by marketing alliances, such as DAA and DMA. These alliances and other businesses had pushed W3C to “water down” the standard to the point, where the finalized DNT standard retains the “status-quo”. That’s good news for US online advertising, estimated to be 40 billion dollars per year.