Presentation is loading. Please wait.

Presentation is loading. Please wait.

Do Not Track: A Universal Third- Party Web Tracking Opt Out draft-mayer-do-not-track-00 Jonathan Mayer Arvind Narayanan Sid Stamm.

Published byBryan Craig Modified over 8 years ago

Similar presentations

Presentation on theme: "Do Not Track: A Universal Third- Party Web Tracking Opt Out draft-mayer-do-not-track-00 Jonathan Mayer Arvind Narayanan Sid Stamm."— Presentation transcript:

1 Do Not Track: A Universal Third- Party Web Tracking Opt Out draft-mayer-do-not-track-00 Jonathan Mayer Arvind Narayanan Sid Stamm

2 One site, many sources

3 Tracking

4 Do Not Track HTTP header DNT = “DNT” “:” BIT 1 => opt out of tracking 0 => opt in to tracking absent => no expressed preference

5 User agent requirements MAY include a DNT header in any HTTP request SHOULD provide a user interface MAY adopt no-expressed-preference or opt- out by default MUST NOT transmit opt-in without user consent

6 Server policy Opt out: a server acting in a third-party capacity MUST NOT track a user or user agent unless subject to an exception.

7 Third party A third party is a functional entity with which the user does not reasonably expect to share data. – E.g., ad networks, analytics providers, social plug- in providers To approximate: – Public suffix plus one domain name (PS+1), or – PS+1 authoritative name servers, or – PS+1 of CNAME records.

8 Tracking Tracking includes collection, retention, and use of all data related to the request and response.

9 Exceptions Explicit user consent for tracking Third-party tracking exclusively on behalf of first party Data unlinkable to a user or UA Single site logs: 2 weeks Logs for ad fraud: 1 month Logs for security: 6 months Logs for financial fraud: 6 months

10 Server requirements Opt-out: server MUST NOT perform third- party tracking Opt-in: server MAY perform third-party tracking No-expressed-preference: server MAY perform third-party tracking (without inferring pref)

11 Server requirements Server SHOULD echo request header GET /thirdpartycontent.html HTTP/1.1 Host: thirdparty.example.com DNT: 1 HTTP/1.1 200 OK Date: Mon, 7 March 2011 01:23:45 GMT Server: Apache/2.2.17 (Unix) Content-Length: 123 Connection: close Content-Type: text/html; charset=UTF-8 DNT: 1

Download ppt "Do Not Track: A Universal Third- Party Web Tracking Opt Out draft-mayer-do-not-track-00 Jonathan Mayer Arvind Narayanan Sid Stamm."

Similar presentations

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.
Web basics HTTP –http://www.ietf.org/rfc/rfc2616.txt –http://www2002.org/CDROM/refereed/444/ URI/L/Ns –http://www.ietf.org/rfc/rfc2396.txt HTML –http://www.w3.org/TR/html401/

Web basics HTTP – – URI/L/Ns – HTML –
IST 535 Week 1 Class Orientation / Review of Web Basics.

IST 535 Week 1 Class Orientation / Review of Web Basics.
HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.

HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.
9/16/2003-9/18/2003 The Application Layer and Java Programming September 16-18, 2003.

9/16/2003-9/18/2003 The Application Layer and Java Programming September 16-18, 2003.
Chapter 2 Application Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July.

Chapter 2 Application Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July.
CS 142 Lecture Notes: HTTPSlide 1 HTTP Request GET /index.html HTTP/1.1 Host: User-Agent: Mozilla/5.0 Accept: text/html, */* Accept-Language:

CS 142 Lecture Notes: HTTPSlide 1 HTTP Request GET /index.html HTTP/1.1 Host: User-Agent: Mozilla/5.0 Accept: text/html, */* Accept-Language:
2/9/2004 Web and HTTP February 9, 2004. 2/9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.

2/9/2004 Web and HTTP February 9, /9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.
Instructions for TAs Add these entries to your ‘hosts’ file: – 192.232.222.190 nsa.gov – 192.232.222.190 www.nsa.gov (also feel free to set up a dodgy.

Instructions for TAs Add these entries to your ‘hosts’ file: – nsa.gov – (also feel free to set up a dodgy.
Human-Computer Interface Course 5. ISPs and Internet connection.

Human-Computer Interface Course 5. ISPs and Internet connection.
DNS and HTTP CS 168. Domain Name Service Host addresses: e.g., 169.229.131.109 – a number used by protocols – conforms to network structure (the “where”)

DNS and HTTP CS 168. Domain Name Service Host addresses: e.g., – a number used by protocols – conforms to network structure (the “where”)
Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.

Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.
Krerk Piromsopa. Web Caching Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

Krerk Piromsopa. Web Caching Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.
P3P A New Standard in Online Privacy Overview and Demos from Summer 2000.

P3P A New Standard in Online Privacy Overview and Demos from Summer 2000.
FTP (File Transfer Protocol) & Telnet

FTP (File Transfer Protocol) & Telnet
CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.
TCP/IP Protocol Suite 1 Chapter 22 Upon completion you will be able to: World Wide Web: HTTP Understand the components of a browser and a server Understand.

TCP/IP Protocol Suite 1 Chapter 22 Upon completion you will be able to: World Wide Web: HTTP Understand the components of a browser and a server Understand.
2: Application Layer1 CS 4244: Internet Software Development Dr. Eli Tilevich.

2: Application Layer1 CS 4244: Internet Software Development Dr. Eli Tilevich.
CS 190 Lecture Notes: Tweeter ProjectSlide 1 Uniform Resource Locators (URLs) Scheme Host.

CS 190 Lecture Notes: Tweeter ProjectSlide 1 Uniform Resource Locators (URLs) Scheme Host.
Copyright (c) 2010, Dr. Kuanchin Chen1 The Client-Server Architecture of the WWW Dr. Kuanchin Chen.

Copyright (c) 2010, Dr. Kuanchin Chen1 The Client-Server Architecture of the WWW Dr. Kuanchin Chen.

Similar presentations

Ads by Google