I am not a Google employee but Chrome does not send the dnt header in incognito mode. It only sends it when you have it turned on, in which case it will send it in both regular and incognito mode.
I don't think it does. One possible explanation is that they don't want the "Edge Effect". If the header is set by everyone than people will just ignore it. Since Edge started setting it for everyone the header is basically useless already.
It would also provide an interesting way to identify incognito users which chrome has been trying to prevent websites from doing it. Of course it won't be perfect, but probably more than 99% of DNT headers would be incognito if they did this because I would bet that very few people enable it manually.
It takes active effort to break into a house. It takes zero effort to ignore a header. It's more akin to everyone having a sign on their yard that says "Please don't break into this house."
> In a nutshell, no, door to door solicitation isn’t illegal. But if you have a no soliciting sign posted on your property, and the salesperson is refusing to vacate the property, they can be assessed trespassing fines and possible legal charges.
> But if you have a no soliciting sign posted on your property, and the salesperson is refusing to vacate the property, they can be assessed trespassing fines and possible legal charges.
How is this different from when you don't have the sign? Do they get to refuse vacating the property without trespassing in that case?
I'm not sure if they do, but one potential reason not to do it is that setting DNT literally gives the server 1 additional bit of information about your configuration. This could be used to track you more effectively.
1 extra bit is the last of my concerns, there's plenty of bits to uniquely fingerprint a browser anyways. I'd gladly trade one inconsequential bit, which requires malicious intent to misuse, to keep my privacy safe when dealing with honorable entities like, I presume, Google.
Oh, there is so much more that can go into a browser fingerprint. There is no one, single "browser fingerprint." Basically any API your browser exposes can leak information that can be used for fingerprinting. See: https://panopticlick.eff.org/
I don't understand. There are dozens, if not hundreds, or even thousands of bits to use to identify any given browser, but providing one extra such bit that politely asks 'Do Not Track' is now a problem because it makes tracking slightly easier?