Do Not Track – positive for privacy or the end of the internet as we know it?

As I mentioned in my blog ‘Targeted advertising and privacy’ last week, Do Not Track (DNT) is a system which sends out a line of code to third party websites indicating that they should disable their tracking of a user’s web browser activities.  DNT prevents the gathering of data which enables tailored behavioural advertising.  This system is currently voluntary meaning that a user generally has to opt in to DNT and then rely on a website to understand and respect the DNT signal its browser sends out.

When Microsoft released Windows 8, which includes Internet Explorer 10, last year, it was one of the first companies to set DNT as a default in its browser.  At the time, its Chief Privacy Officer, Brendon Lynch, explained that Microsoft made this decision “because we believe in putting people first. We believe that consumers should have more control over how information about their online behaviour is tracked, shared and used” and that “consumers should be empowered to make an informed choice”.

Now you will probably not be surprised to hear that I am firmly in the ‘keep my browsing activities private please’ and ‘let me make my own choice’ camps, so I tend to agree with Brendon Lynch.  I have, however, encountered some problems with my stance.

The most convincing argument against my ‘pro privacy and choice’ stance is that of free content.  The internet is replete with useful and free content.  This is usually financed by the sale of third party advertising on the relevant sites.  If we restrict the ability of websites to sell targeted advertising, we may end up with pay walls to access the content that is currently free.

There is also the argument that by setting DNT as a default, you are depriving the consumer from making an informed choice as to whether it is happy to receive targeted advertising based on its previous browsing habits.

Another issue with DNT is that it is voluntary, so only respected by certain organisations whilst ignored by others.  The extent to which it is respected by organisations also differs.  Until DNT is recognised worldwide and there is uniform response to it, it is unclear to what extent it keeps your online activities private.

The debate surrounding DNT can be likened to the current debate surrounding online pornography in the UK.  David Cameron announced this week that most households in the UK will have pornography blocked by their internet provider unless they actively choose to receive it.  This is what the Government has decided to do to protect children from indecent content, an objective I think most people would support.  Pornography, like advertising, however, has its place.  The question is, should you have to opt in or opt out? And would both of these be issues if education were better and we, as users, understood exactly what information is collected about us and how to adjust our settings and better control our privacy and content?

Despite being a lawyer, I don’t like to see legislation used in place of education and sensible, technical solutions.  I am not sure we need DNT legislation.  Education around online privacy and blocking content would surmount many of the privacy issues we encounter and give everyone an informed choice.

From a legal standpoint, you need to bear these issues in mind when writing or updating your privacy policy.

Simon Halberstam