Security

Do-Not-Track Tools: Hands-On Showdown

Online tracking is a hot topic these days, with the Obama administration and the Federal Trade Commission calling for tougher online privacy protections. The FTC recently issued a report urging voluntary practices for online businesses regarding data collection. Another popular proposal suggests building a universal do-not-track function into future Web browsers.

Do-Not-Track Tools: Hands-On Showdown

The proposed universal do-not-track tool won't be particularly robust, since it would simply make your browser send a "please don't track me" request to a website. Given the past misbehaviors of Internet behemoths such as Facebook and Google, it's hard to put much faith in a solution that depends on the best intentions of site owners.

Nevertheless, that’s the gist of the FTC’s appeal to Internet businesses for voluntary cooperation. Specifically, the agency suggests that privacy controls should be incorporated into new products and services by design (including that do-not-track feature in every browser, perhaps); that consumers should have simple ways to control their personal information; and that corporate data-collection practices should be transparent.

Do-Not-Track Tools: Hands-On Showdown

On balance, however, most of us pay via our eyeballs and our personal data for the majority of the information we access online. Targeted ads--sometimes laughably off-base, sometimes appropriate based on demographics--pop up on many sites in lieu of a paywall. If you really hate the ads, or if you don’t want to share anything about yourself and your browsing habits, you might shell out for ad-free access to a site.

The key here is the call for transparency. Sites commonly use cookies, a bit of code, to recognize you the next time you return. In some cases, cookies are an important part of the way the Web works. You couldn't click a Facebook "Like" button and have it work automatically, for example, without a cookie from the social network determining that you were signed in to Facebook.

But some cookies follow you around the Web. These tracking cookies, stashed in your browser, note your browsing habits and online activity, and can help a tracking company determine appropriate ads. Companies may serve up the ads directly, or sell your data.

The FTC’s proposals ask that privacy be the default, that sites’ collection habits be clear, and that browsers provide some protection from tracking--but remember, those are all just suggestions.

If you really want to stop sites from tracking you, and if you don’t want to rely on a site’s goodwill, you can turn to several browser add-ons that will shield your Web browsing habits from a host of advertising and behavioral-tracking technologies--or at least alert you to their interest, and enable you to grant or reject the request.

Here's a hands-on look at three tools designed to keep your browsing activity private.

AVG Do-Not-Track

AVG's free antivirus program for Windows now comes with a Do-Not-Track browser add-on that works with Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer.

To get started, download AVG 2012 and then run an update to obtain the add-on. Current AVG users will receive the new tool as an automatic update. AVG automatically installs its Do-Not-Track feature in any of the three browsers available on your system.

Immediately after installation, decide whether you want AVG's Do-Not-Track tool to alert you whenever it detects a tracking cookie. To enable this feature, click the AVG icon and select Alert me when active trackers are detected. However, I don’t recommend activating the automatic alert, since it causes the AVG add-on to produce a pop-up window every time it detects cookies on a page; considering that almost every website has some form of tracking on it, dealing with these pop-ups can become tedious pretty quickly.

Settings: Although AVG automatically blocks a wide variety of ad networks by default, it doesn't block several social and Web-analytics features. Among the trackers it leaves unblocked are Comscore Beacon, Facebook Connect, Facebook Social Plugins, Google +1, Google Analytics, LinkedIn, LinkedIn Button, Twitter Button, and Yahoo Analytics. If you'd like to block some of those items, click the AVG Do-Not-Track icon, select Settings, and choose cookies under 'Block the following'.

AVG also adds a "do-not-track" header to your browser. This tells websites that honor the header to respect your wishes and not attempt to set any tracking cookies.

Browsing the Web: AVG's Do-Not-Track add-on keeps a running count of how many trackers it detects on a single page as that page loads. On PCWorld.com, for example, AVG found four trackers: two Web analytics trackers and two social buttons. The tool didn't block any of them, however, since by default it wasn't set to stop such cookies.

When AVG detects a cookie that it is set to block, the tool shows that cookie's name in the pop-up window with a line crossed through it. To see more detailed information about a tracker, you can hover over its entry in the pop-up window.

In the example shown here, AVG is telling me about the Bizo advertising cookie on the Wall Street Journal site. I can see that the cookie collects personal and nonpersonal data, and that it shares its data with third parties. To report on what kinds of data each tracking cookie collects, AVG pulls information from the privacy policy of the company setting the cookie.

Bottom line: In my tests, AVG's browser add-on appeared to work decently, but it was less robust than the other tools I tried. To its credit, AVG allows you to modify which cookies it blocks and which ones it doesn't. The downside, though, is that you must download and install the entire AVG antivirus program to get the Do-Not-Track tool. That's problematic, since AVG still has some bad habits such as installing browser toolbars and attempting to switch your browser's search provider by default.

Next Page: DNT+, Ghostery, and Other Options

Subscribe to the Security Watch Newsletter

Comments