It means nothing "do not track" never worked.
this post was submitted on 10 Dec 2024
78 points (94.3% liked)
Privacy Guides
16988 readers
2 users here now
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
- We prefer posting about open-source software whenever possible.
- This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
- No soliciting engagement: Don't ask for upvotes, follows, etc.
- Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
- Be civil, no violence, hate speech. Assume people here are posting in good faith.
- Don't repost topics which have already been covered here.
- News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
- Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
- No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
- No misinformation: Extraordinary claims must be matched with evidence.
- Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
- General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Additional Resources:
- EFF: Surveillance Self-Defense
- Consumer Reports Security Planner
- Jonah Aragon (YouTube)
- r/Privacy
- Big Ass Data Broker Opt-Out List
founded 2 years ago
MODERATORS
That is exactly the reason for this change. It often didn't work and probably makes you easier to fingerprint.
The new thing is the same but worse.
This option is built on top of the Global Privacy Control (GPC). GPC is respected by increasing numbers of sites and enforced with legislation in some regions.
Sounds like Mozilla at least think it's better
That doesn't absolve them.
With the feature removed, websites can act like they didn't even go against my wishes.
There’s nothing to “absolve.” Feature was worthless.
ᵗᵃᵏᵉ ᵇᵃᶜᵏ ᵗʰᵉ ʷᵉᵇ
However, as we approach 2025, with growing concerns about online privacy and data protection, Mozilla believes that DNT is no longer an effective privacy measure. Many websites ignore the DNT signal. Therefore, Mozilla has removed the DNT signal from Firefox version 135.
...
Mozilla believes that privacy preference is not honored by websites and that sending the Do Not Track signal may impact your privacy. The company has updated Firefox’s Do Not Track help support page to confirm that.
...
The company recommends using the Global Privacy Control setting as an alternative to prevent websites from tracking user data.
I think the article made a typo that claims GPC is the same as DNT.
When you enable the feature, the GPC sends a signal... This signal is sent via a special HTTP header called DNT: 1 (Do Not Track)
But the GPC spec does say it sends a new signal: Another header (like DNT) and a JavaScript variable the client would set. I don't see why this couldn't be used for tracking too.
A user agent MUST generate a Sec-GPC header
So if it generates a header, it can still be used for fingerprinting, but this header is actually less restrictive for what the receiver must do.
DNT was "do not track," and GPC is "do not sell:
GPC is also not intended to limit a first party’s use of personal information within the first-party context (such as a publisher targeting ads to a user on its website based on that user’s previous activity on that same site).
If you wish to ask websites to respect your privacy, you can use the “Tell websites not to sell or share my data” setting. This option is built on top of the Global Privacy Control (GPC). GPC is respected by increasing numbers of sites and enforced with legislation in some regions.
So is the difference that DNT was asking for no tracking at all while this GPC setting allows for tracking data to be created but not forwarded to third parties? That seems reasonable, not all "tracking" is malicious. Though I wonder why, if DNT isn't respected, any other vaguely similar setting would be.
Some company got sued or smth for ignoring gpc and it was ruled to legally count as opting out of data sharing