Posted: April 2, 2014
What is DNT?
Do-not-track (DNT) is a mechanism that provides consumers the option to deny online service providers and companies hosting commercial websites from tracking and collecting online activity information and using it for the delivery of targeted advertisements. The idea involves a simple mechanism that would persist through the consumer’s online activities sharing the consumer’s DNT choices, as a consumer preference header of sorts, along the way. The idea was first brought forth in 2009, with the intention of increasing consumer online privacy; however, there has been very limited progress.
Despite the idea’s minimal headway, most of the major website browser companies have implemented DNT capabilities into their products. However, the default setting for the DNT settings among browsers differ. Some browsers are designed to allow tracking until a consumer opts out, while others default to DNT and require a consumer to opt in to tracking.
Where are we now?
Several bills have been proposed in the past; however, only one has had any relevant success. Although AB 370, an amendment to the California Online Privacy Protection Act of 2003 (CalOPPA), was signed into law on September 27, 2013, the law does not actually enforce do-not-track compliance. AB 370 only requires commercial websites and online service providers who market to residents of California to post a privacy notice disclosing how the website operator handles do-not-track signals. This is simply a disclosure law; yet, the law seems to have raised more questions than answers for many companies.
There are two federal bills currently introduced, the Do Not Track Online Act of 2013 and the Do Not Track Kids Act of 2013. If enacted, both bills would prohibit operators of online websites from tracking a consumer’s online activity and collecting personal information if the consumer’s preferences indicate an opt-out of such practices. Nevertheless, the chances of either bill passing are highly unlikely.
What’s the future?
Since 2010, the Federal Trade Commission (FTC) has urged major browsers to develop a DNT mechanism. Additionally, the World Wide Web Consortium (W3C) has had web experts working together for several years to try and define DNT standards. Despite these efforts, there still lacks consistency regarding the DNT definition and the advancement of DNT has been deemed “on life support” by some as no comprehensive guidelines around DNT have been developed.
Furthermore, there are differing opinions as to how DNT requests should be treated. The Digital Advertising Alliance believes that if an opt-out request is received, operators are only required to quit targeting advertisements. Conversely, privacy advocates believe a DNT request should require an operator to cease all tracking and personal data collection.
The next question posed is what consumers expect from DNT. Are they expecting a cease in the collection of personal information entirely or just from sites other than the specific website they are visiting at that time?
In order for advancement in the implementation of do-not-track, expectations for businesses and consumers need to be defined and set. With the modern online marketing business having such dependency on targeted advertisements, the ramifications of a federal do-not-track legislation on online marketing could be monumental.
Jordan Eisner is the Director of Sales for CompliancePoint’s Customer Engagement Practice Group which provides consulting services for organizations dealing with privacy regulations such as the GDPR and the TCPA. He’s worked with hundreds of organizations on a variety of initiatives and is passionate about finding the right fit for each and every client. Jordan is a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals (IAPP) and a graduate of Georgia College & State University where he received his Bachelor’s Degree and Master of Business Administration. He’s a proud Atlantan and enjoys spending time with his wife and son.