Firefox won’t increase privacy by blocking third party cookies by default
Mozilla and Microsoft have both got themselves in a bit of a privacy tizz over their respective browsers. First Microsoft decided to make Internet Explorer 10 come with ‘Do Not Track’ turned on by default, now Mozilla is thinking of a ‘Safari like third party cookie patch‘ where third party cookies won’t be accepted from domains that you have never visited before.
Do Not Track
‘Do not track‘ (DNT) is a browser parameter first implemented by Firefox. If a user selects the box in the settings saying “do not track”, then the browser sends a signal across with every request along with the IP address, browser and a whole host of other things.
This is a great way for users to tell websites and advertisers that they don’t want to be tracked. The websites don’t have to do anything technically different on the pages to make it work, they just pay attention to the data that they get in the background.
The trouble with Do Not Track is that:
- It is entirely voluntary for the website at the end on whether they pay attention to it and it is near on impossible as a user to tell if they are or not. When I say near on impossible, ‘near on’ just left town.
- As far as I can tell, uptake by websites and advertisers have been low. I just spent half an hour googling around and I still can’t tell you with 100% certainty whether Google Analytics pays attention to it. I’m fairly sure it doesn’t.
- Hardly any users seem to know what it is and so uptake has been low.
Microsoft even use it as a USP in their advertising.
Except of course now that Microsoft have implemented it by default, all the advertisers have decided that because it is no longer set by a user, they can complete ignore it. Microsoft might as well have implemented a setting that gave a couple of magic beans to the user, given how much use what they have implemented.
Effectively what Microsoft have done by setting it by default is to turn around to the FDA and say to them
“Make this law or we’ll destroy it as an opt out option”
The FDA, notorious for their light touch regulation, are desperately hoping that advertisers take it seriously so that they don’t have to do anything. Unfortunately they aren’t winning that battle at the moment.
Third Party Cookies
Safari has a unique position when it comes to third party cookies, they block them by default. When you are using Safari on your iPad or iPhone then you won’t be receiving any third party cookies.
Firefox is thinking of implementing something similar, as they said in their blog post back in February:
Mozilla has a long running interest in fostering greater transparency, trust and accountability related to privacy and the many cookie-based practices we see today.
So they are thinking of implementing something similar, although that has evolved a bit over the last couple of months. Firefox’s plan is to block third party cookies except in situations where you have already accepted a first party cookie from the same company.
What is the impact of such a change? Well Mozilla have been taking it very seriously and have highlighted two potential problems:
- False negatives where a site gives you a third party cookie from the company, but not necessarily from the same domain (eg if you go to google.com and you get a cookie from google.co.uk)
- False positives where you get a cookie from a site once, but they are then allowed to track you around everything that you do from then on (eg everything that facebook, twitter, google and all those other popular social networking sites do)
- You view an advert and the advertising agency drops a cookie from their domain
- The next advert looks for the cookie and based on rule sets will decide which advert to give you next time, based on your clicks of the previous adverts and the pages that the adverts were on
- Company wants to buy advertising so allows advertiser to put tracking code on their site too, sometimes passing through parameters for products alongside the cookie id
- The next advert that the user looks at, the advertiser has a profile of the user based on the adverts and the site, so provides a contextual advert based on a rule set
Objectives
Mozilla has a long running interest in fostering greater transparency, trust and accountability related to privacy and the many cookie-based practices we see today.
Leave a Reply