This document is a high-level plan for Mozilla's Do-Not-Track and related features (including non-feature efforts) that help users control how they are tracked across the web.
The underlying goals of this effort are to instill users with control over their data, provide greater transparency in data sharing practices, and in general bring consumers in touch with how their data is shared, brokered and used throughout the web. We will accomplish this through a variety of directions including incentives for disclosure of behavior, technology to remove ambiguities with respect to intent of consumers and sites, as well as technological levers to facilitate fair and honest use of consumers' private data.
In working towards a better web, we are focused on the following consumer-focused outcomes from this work. A user should be able to assert the following claims:
- I know what tracking is
- I know who is tracking me
- I can tell them to stop tracking me
- I can discern if they listened to my request to stop
- I can stop sites from tracking me if they don't listen
All of the features or efforts on this roadmap should aim for at least one of these outcomes.
Step 1: Do-Not-Track HTTP Header
Consumers need a way to tell web sites what they think of tracking. In its first incarnation, this voice is a DNT header broadcast as consumers' choice to "tell sites I do not want to be tracked." This feature may evolve into something slightly more complex, but the technology begins as a broadcast of what the user wants.
|P1||Implement DNT header||Done||Firefox 4||Sid Stamm||1,3|
|P1||Implement DNT header for Mobile||Done||Firefox 5||Sid Stamm||3|
|P2||Make DNT signal accessible from the navigator global object||Shipped - pending change||?||Sid Stamm||3|
|P2||Make DNT documentation and pref accessible from first-run page||Not Started||?||Sid Stamm||1,3|
Step 2: Visualizing Tracking
The next class of work that needs to be done to aid transparency and control in tracking is to show consumers exactly what's going on with their browsing history. We must make accessible to Firefox users the tracking beacon and first-third party relationships that show up as they browse the web.
|P1||Tracking Map||investigating places DB, creating script to mine it||Q3 2011||Sid Stamm||2|
|P2||Based on hit-relationship graph, create visual representation so users can identify which sites are tracking them (and from where)||Not Started (depends on graph creation)||?||Sid Stamm||1, 2|
Step 3: Establishing Trust
Once tracking can be identified, it's important for users to be able to discern "acceptable" tracking from "unacceptable" tracking and adjust how they interact with sites they trust.
|P2||Improve Site identity button to show more about how you've interacted with a site in the past (relationship gauge)||Not Started||?||?||3|
|P2||Opt-back-in-from-DNT capability (so sites can ask you to turn off DNT for their site||Not Started||?||Sid Stamm||2,4|
|P2||API for allowing sites to request use of third-party cookies||Not Started||?||?||2|
|P3||API for allowing sites to request various other capabilities like geolocation, a:ping, localstorage, etc||Not Started||?||?||2|
Step 4: Reducing Tracking from Untrusted Parties
Not all sites will honor simple requests, so it is necessary to build in features to enhance user control of tracking.
|P2||Alert mechanism or auto-disabling of third party cookies when excessive tracking is encountered.||Not Started||?||Sid Stamm||2, 4, 5|