Over the last year, W3C has ramped up its activities in the privacy space: Within the context of the PrimeLife project, we’ve looked at privacy considerations for device APIs, at policy languages, and we’ve taken a look at the broader Web and Internet privacy picture together with the Internet Society, the Internet Architecture Board, and some colleagues from MIT. As part of our strategic planning exercise, we have committed to further increase our focus on the topic.
All of this reflects an increasing interest in privacy in the broader Web and policy community.
As part of that larger online privacy debate, the discussion about online tracking (for example for behavioral advertising) and possible countermeasures has picked up a lot of steam. We have seen this discussion reflected in policy papers from the FTC and the Department of Commerce. We have seen it in the advocacy by the donottrack.us community. We see “do not track” appear in various policy discussions.
We have also seen this discussion reflected in various recent announcements from browser vendors about code deployments. To name just a few:
- Microsoft announced the inclusion of anti-tracking technology based on tracking protection lists in IE9
- Mozilla announced support for a “do not track” header.
- Google released a browser extension that permits users to persist opt-out cookies.
One striking observation for most of these technologies is the relative simplicity of the technical approach, and the complexity of defining what the real meaning of “Do Not Track” is, on a global Internet.
Today, we have acknowledged the Web Tracking Protection member submission from Microsoft. The submission proposes to standardize two elements: Filter lists that can prevent user agents from making requests to known Web servers that track users, and a do not track user preference that is exposed both as an HTTP header and a DOM property.
As always for a Member Submission, we’ve written a formal Team Comment that summarizes the submission and outlines next steps.
In this case, the next step will be a W3C workshop: On 28 and 29 April, Princeton University will host us for a day and a half of discussion about what Recommendation-track work W3C should start in this area. We expect to publish a Call for Participation shortly. Why a workshop? As we move forward in this space, we aim to build a broad consensus. We think that this is a topic that affects a broad range of stakeholders in the Web ecosystem: Vendors, Web site operators, privacy advocates, but also those who make use of user tracking to provide their services.
Update, 2011-03-03: The call for participation is now published.