The Do Not Track header was originally proposed in 2009 by researchers Christopher Soghoian and Sid Stamm.[2] Mozilla Firefox became the first browser to implement the feature.
I wonder how many web developers actually honour Do Not Track. I do, in all the websites I've made for my employer too, but I think I'm only getting away with it because my employer doesn't know. I've even made it so that browsing with Do-Not-Track enabled also skips the cookie consent banner and just assume the user wants no cookies other than the strictly necessary ones (like their session/login cookie), and doesn't include Google Analytics, instead just upping a single view counter on the page, with no PII in there.
A better option would be to just make tracking illegal, and heavily fine companies that are found to be doing it. And make it strict liability, so intent doesn't matter.
I know we all have our pitchforks out, and I hate tracking as much as everyone else here, but "tracking" is a very broad term, and is not always malicious. Unless you want to outlaw access logs, for example.
I see nothing wrong with outlawing access logs. They were invented and standardized at a time when the IP address field did not map 1:1 to the building in which you and your children sleep.
Which is why it should be defined in the law. The GDPR and the ePrivacy directive define what counts as tracking and what is acceptable. See for example:
That's reasonable. Could also decimate the adtech industry and cut them down to just serving ads based on keyword searches and location, like they did 20 years ago
> A better option would be to just make tracking illegal, and heavily fine companies that are found to be doing it. And make it strict liability, so intent doesn't matter.
I don't think it's that easy though. The "just" is doing a lot of work in there. Consider:
Some websites have login with third-party credentials. It doesn't matter that you choose to use these for convenience, because intent doesn't matter, and it is a fact that both the Service Provider and the Identity Provider are tracking you. IdP knows which sites you are logging in to, and SP knows and stores your third-party identity (they might say they need it to know which account you're logging in to, but like I said, intent doesn't matter).
Hacker News is currently tracking me. They might say the cookie is needed for session stuff to work, but intent doesn't matter, and it is a fact that the cookie uniquely identifies me.
My web browser is tracking my mouse position. Mozilla might say they need it for styling stuff to work, but intent doesn't matter, and it is a fact that Mozilla's software is tracking my mouse position in real time (let's not even talk about browser history).
Your browser cache might have two HN posts where my comments appear. If that's the case, then it would be a fact that you are tracking which posts I am commenting on. Intent doesn't matter, so hopefully you're not a company (tracking is fine if you're an individual though (based on the quoted text)).
/s
Hopefully this ride down the slippery slope illustrates some subtleties, at least without a very precise definition of "tracking". But then again, if the definition is too precise, there's gonna be loopholes in the letter of the law; in that case we might say that we should also consider the spirit of the law, but "intent" is part of that.
You're taking exactly the right approach in my book. Thank you!
I don't know if they still do it, but last time I browsed Medium I found that it claimed to respect DNT, which is quite nice.
Lots of self-hosted analytics software also respects DNT out of the box and I don't think site administrators often bother to turn that off.
Still, the vast majority of websites probably ignores the header, especially since it's been deprecated as a standard. If you care about such things, maybe also consider looking into Sec-GPC, its intended replacement.
I do indeed check against both DNT and Sec-GPC (and navigator.doNotTrack and navigator.globalPrivacyControl in JS) basically treating them identically. GPC is ostensibly not about tracking itself, but about sharing data, though I just figured that data that isn't recorded can't be shared either.
There was a much more elaborate standard called P3P recommend by w3c in 2002. It apparently defined a description of how business can use personal data.
But apparently it was considered too complex and "lacking enforcement".
Now maybe if it survived till GDPR it could have it's enforcement, but Mozilla yanked support before that...
Did anyone else notice the object flying by @ 54:26? What was that? Looked bigger than a piece of dust, was moving much faster than the upper stage and payload. Is that normal? Did it pose any risk?
Interesting find! Earlier in the feed you can see a solid piece of oxygen [0] bouncing off the engine. The particle you mentioned is going past the spacecraft (forward), so I can't see it being solid oxygen. My guess is a piece of dust that is being illuminated, and the camera is picking up the reflection but is blurry, making the particle look bigger than it actually is.
It happens right as the spacecraft is recoiling from the separation impulse, so I'd guess it's something coming off from the top of the stage and passing by the camera.
They explained at another point in today's stream that the pieces you see flying around are solid oxygen from a drain on the second stage. Totally normal and you see it on every one of their launch streams!
A couple inches to the left and that dialog would have been comedy gold :b (Although more seriously, I'll speculate that it looks larger than it is because it's reflecting a lot of light).
https://en.wikipedia.org/wiki/Do_Not_Track#:~:text=The%20Do%....