Do Not Track: A Universal Third-Party Web Tracking Opt Out
draft-mayer-do-not-track-00
Jonathan Mayer, Arvind Narayanan, Sid Stamm


One site, many sources

Tracking

Do Not Track HTTP header
DNT = "DNT" ":" BIT
– 1 => opt out of tracking
– 0 => opt in to tracking
– absent => no expressed preference

User agent requirements
– MAY include a DNT header in any HTTP request
– SHOULD provide a user interface
– MAY adopt no-expressed-preference or opt-out by default
– MUST NOT transmit opt-in without user consent

Server policy
Opt out: a server acting in a third-party capacity MUST NOT track a user or user agent unless subject to an exception.

Third party
A third party is a functional entity with which the user does not reasonably expect to share data.
– E.g., ad networks, analytics providers, social plug-in providers
To approximate:
– Public suffix plus one domain name (PS+1), or
– PS+1 authoritative name servers, or
– PS+1 of CNAME records.

Tracking
Tracking includes collection, retention, and use of all data related to the request and response.

Exceptions
– Explicit user consent for tracking
– Third-party tracking exclusively on behalf of first party
– Data unlinkable to a user or UA
– Single site logs: 2 weeks
– Logs for ad fraud: 1 month
– Logs for security: 6 months
– Logs for financial fraud: 6 months

Server requirements
– Opt-out: server MUST NOT perform third-party tracking
– Opt-in: server MAY perform third-party tracking
– No-expressed-preference: server MAY perform third-party tracking (without inferring pref)

Server requirements
Server SHOULD echo request header

GET /thirdpartycontent.html HTTP/1.1
Host: thirdparty.example.com
DNT: 1

HTTP/ OK
Date: Mon, 7 March :23:45 GMT
Server: Apache/ (Unix)
Content-Length: 123
Connection: close
Content-Type: text/html; charset=UTF-8
DNT: 1
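
The server-side rules on the slides above (header parsing, the PS+1 approximation of "third party", the opt-out rule and the header echo), put together as an added example; it is not code from the draft or its authors. The function names, the `page_host` parameter (the slides do not say how a server learns the embedding page), the `exception` flag, the handling of malformed values and the three-entry suffix set are assumptions.

```python
# Added illustration: names, page_host, exception flag and suffix set are assumptions.
PUBLIC_SUFFIXES = {"com", "org", "co.uk"}  # constructed sample, not the real list

def parse_dnt(headers):
    """Map the DNT request header to 'opt-out', 'opt-in' or 'none'."""
    for name, value in headers.items():
        if name.lower() == "dnt":  # header names are case-insensitive
            bit = value.strip()
            if bit == "1":
                return "opt-out"
            if bit == "0":
                return "opt-in"
            return "none"  # assumption: malformed value = no expressed preference
    return "none"  # header absent

def ps_plus_one(host):
    """Public suffix plus one label: ads.cdn.example.co.uk -> example.co.uk."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # first hit is the longest matching suffix
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # fallback when no listed suffix matches

def is_third_party(request_host, page_host):
    """PS+1 comparison, the slides' approximation of the functional definition."""
    return ps_plus_one(request_host) != ps_plus_one(page_host)

def may_track(headers, request_host, page_host, exception=False):
    """Apply the server requirements to one request."""
    if not is_third_party(request_host, page_host):
        return True  # the rule covers servers acting in a third-party capacity
    if parse_dnt(headers) == "opt-out":
        return exception  # MUST NOT track unless an exception applies
    return True  # opt-in or no expressed preference: MAY track

def response_headers(headers):
    """Echo the request's DNT preference, as the server SHOULD."""
    bit = {"opt-out": "1", "opt-in": "0"}.get(parse_dnt(headers))
    return {"DNT": bit} if bit else {}

if __name__ == "__main__":
    req = {"Host": "thirdparty.example.com", "DNT": "1"}  # request from the slide
    # news.example.org is a constructed embedding page
    print(may_track(req, req["Host"], "news.example.org"), response_headers(req))
```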