by fivre 2958 days ago
Cookie disclaimers at this point need to be taken to their logical conclusion: browser vendors and site operators should add a standard Yes-I-Know-What-Cookies-Are header to the next HTTP update, which can then be vomited at sites by default browser configuration to let them know it's okay to auto-hide the banner.

Hell, let's repurpose Do Not Track for it; it's not like it's being used for anything meaningful otherwise.


Does anyone honor Do Not Track requests?
I feel like honoring Do Not Tracks is like honoring deadbolts on wooden doors. Most people honor it, but you're not using it to keep those people out...
I expect that the reason why most people honor the first is the high likelihood of getting caught or seen. This deterrent does not exist for web tracking.

I think it's more likely that most tracking companies ignore do not track.

We do (at https://prodlytic.com) - if a client sends do not track, we treat every session as a new user, i.e. we don't track that user across sessions.
The DNT header reminds me of evil bit RFC [0]. It was funny back then, but times change I guess.

[0] https://www.ietf.org/rfc/rfc3514.txt

Adafruit does. They put their YouTube videos behind a click if you send a “Do Not Track” header.
Is anyone required to honor DNT requests? What happens if they don't?
It's totally voluntary.
That was my understanding as well. I was not sure if perhaps recent legislation in the E.U. may have added any verbiage around that.
The GDPR rather makes it obsolete, actually. DNT was meant as a general purpose opt-out, whereas the GDPR requires an explicit opt-in for most things.

And well, DNT could have had legal bearing, since most legislations in the world require you to stop tracking when the user tells you not to.

So, if the user goes and sets up this general purpose opt-out, you'd have to have some sort of argument why you're different than what the user had in mind when they turned DNT on.

Could have had that legal bearing. Microsoft as well as Google and Facebook killed it off pretty well.

Microsoft by turning it on by default in Internet Explorer. Meaning that there were now lots of instances where the user had not explicitly gone into the settings to turn it on (nor did they perform some other action that serves as reasonable sign that this is what they'd want, like going into InPrivate Browsing, or specifically installing a privacy-focused browser / operating system).

Google and Facebook killed it off by saying right away that they would not respect it. With how many webpages bundle a Facebook Like button or Google: Analytics, ads, GStatic, ajax.googleapis.com, jQuery, fonts, reCAPTCHA, Maps, YouTube etc.

As such, there were very few webpages left that could have chosen to respect it and no judge would have just ruled that everyone has to respect it. It would have killed the internet for a few months.