HTTP DNT (Do-Not-Track) Demystified
Do Not Track Logo |
The Do Not Track (DNT) header is the proposed HTTP header field DNT that requests that a web application should disable its tracking of an individual use. This feature is currently being standardized by W3C, and will function similar to Do Not Call registry. Today, there is no clear definition what it means to be "tracked" (according to IETF draft: Tracking includes collection, retention, and use of all data related to the request and response), advertisers aren't legally bound to comply the Do Not Track requests, and it still remains up to application developers to implement.
Lets assume you want to be the one app developers who foresees that DNT will be mandatory in next 12 months and would like to incorporate this in your app. How would you detect if user has enabled it?
Depending on browser and your app nature, you have two options:
- Use HTTP headers
- Use JavaScript variables
In PHP, you would detect it from $_SERVER variables:
<?php echo (isset($_SERVER['HTTP_DNT']) && (1 == $_SERVER['HTTP_DNT'])) ? 'DNT Enabled' : 'DNT Not Enabled' ?>
In JavaScript you would try something like this:
<script type="text/javascript"> console.log(navigator.doNotTrack); console.log(navigator.msDoNotTrack); // for IE9 </script>
For most of the browsers, this setting is buried deep under the settings; however according to Microsoft, this option is turned now on by default since December 2012, and there is no turning back.
Big companies like Google and Facebook claim that this is too complicated for end users to understand, and have decided to ignore this setting. Both are heavily focused on retargeting and one-to-one marketing, which essentially is relying on 3rd party cookies and tracking your behavior. Should you follow the big leaders, or will you respect opt-out settings by browsers?
Want to know more, visit http://donottrack.us
Comments
Post a Comment