Apple takes privacy very seriously. It takes its leadership in that care seriously, and getting rid of the voluntary ‘Do Not Track’ setting in its Saf
Apple takes privacy very seriously. It takes its leadership in that care seriously, and getting rid of the voluntary ‘Do Not Track’ setting in its Safari browser is the right decision.
Why disabling Safari’s Do Not Track feature is the right thing to do
Apple introduced support for Do Not Track (DNT) in iOS 7, but removed the feature in Safari 12.1.
The problem with DNT is that the signal it sends to websites, analytics firms, plug-in makers and ad networks is a voluntary request, and can be ignored.
There is no penalty if an organization fails to honor your request, the DuckDuckGo blog reminds us – even though a big chunk (over 20 percent) of surfers want to be left alone.
The private by design search company puts it this way, saying that the voluntary nature of DNT makes it: “About as fool proof as putting a sign on your front lawn that says “Please, don’t look into my house” while all of your blinds remain open.”
However, a huge chunk of people who use DNT are unaware that it is a voluntary scheme and have no idea their request is not being honoured.
They think they are safe from unregulated prying eyes.
They are not.
On trust and ethics
The list of online entities who do not respect DNT requests includes all the usual privacy-eroding suspects, such as Google, Facebook and Twitter. Medium, Pinterest and Reddit do honor these requests, which rather suggests you can find alternative ways to make a business.
It seems reasonable to expect the biggest and most profitable online firms in the world might choose to at least pay lip service to the wishes of the customers who put them there. In current circumstances, with politicians echoing Apple CEO Tim Cook in demanding digital bills of rights for users, you’d think large firms would see the direction of travel and take leadership in this.
I believe it is shameful that they do not.
There are some mitigating circumstances: A bank might use this kind of tracking in order to detect that a browser is logging into an account from an unfamiliar location, while ad networks may need this information to help prevent click fraud.
All the same, the hard truth is that if you are relying on your DNT request to prevent yourself from being tracked online, it’s highly probable you are being tracked anyway.
What can we do?
There are several ways to limit the information you provide.
Apple continues to boost privacy
Apple is taking steps to help educate its users.
In a note explaining the move to abandon DNT, it observed that in a great twist of irony, making the request itself has become a unique feature some parties use to track you as part of a package of fingerprinting techniques.
(Fingerprinting is when online entities use unique features about your device, such as OS, model and so on, to identify you as you travel online).
These aren’t the only steps Apple has taken. The latest version of Safari also includes the following measures designed to help improve your personal control of online privacy:
- It has introduced new controls to prevent VR/AR assets on websites tracking user behavior.
- Apple has improved Intelligent Tracking Prevention to limit long-term tracking.
- Safari users will be warned when visiting sites that don’t have SSL.
- Safari also warns users when they try to visit sites that are flagged as phishing or malicious sites.
- Safari will now log people into sites automatically when the Password AutoFill function fills in credentials on a site.
In conjunction with Apple’s existing security and privacy features there really is no doubt which platform/service provider most respects what its customers need.
This commitment to privacy is good for users, and good for any enterprise that doesn’t want its business-related online activity tracked and analysed without express permission being made.
It’s also good for the future of a digitally-connected planet, in which online identity has been weaponized and even the smallest chink in security can be exploited with major impact on fraud and infrastructure security.