In 2002 the ePrivacy Directive was established to safeguard the privacy of European citizens using online services. It mandated giving individuals the ability to refuse the use of data stored in their online devices, complementing the 1995 Data Protection Direcive that regulated personal data processing. Despite this, the burgeoning surveillance industry largely disregarded this requirement. Instead, it ramped up lobbying efforts and initiatives aimed at influencing political processes against strict data protection and privacy legislation...

Recently US states such as California and Colorado have introduced laws demanding websites respect browser opt-out signals, or “universal opt-out mechanisms” indicating that consumers do not want their personal data used commercially or more generally do not want to tracked across websites and services. Existing examples of such browser based ...

The recent ruling of the Berlin Regional Court, reported by VZBV & tweeted by @peterhense, is important because websites will have to assume that people are exercising their right to object if their browsers have been set to send the "Do Not Track" header signal DNT:1.

Browser settings not enough to make the web safe from tracking Mike O'Neill, June 2023 ©2023, Baycloud Systems Ltd. All rights reserved. A decade after efforts to standardise #DoNotTrack were disbanded at the behest of Big Tech, attempts to drain the online tracking swamp via exclusively techniical mitigations continue to ...

Transparency via a Machine-readable Server Identity and Purpose Descriptor. Mike O'Neill, Febuary 2019 ©2019, Baycloud Systems Ltd. All rights reserved. Web pages often contain many, sometimes hundreds, of elements that initiate transactions with servers other than those managed by the top-level website. These "third-party" servers can collect personal data, link ...

Privacy protecting metrics for web audience measurement Mike O'Neill, February 2019 ©2019, Baycloud Systems Ltd. All rights reserved. The online advertisment ecosystem needs accurate information about how often advertisements are interacted with, and when they are viewed. Advertisers need to know where and how often their ads are showing to ...

The Charter of the the W3C Tracking Protection Working Group (TPWG) has expired, and the WG shut down, after publishing the Do-Not-Track technical document as a ' Note '. As the Note's introduction says, there has been very little attempt by browser companies to implement the necessary Consent API, and ...

The world’s biggest advertising group, WPP, through their media buying subsidiary GroupM have just issued a comment to the Do Not Track Tracking Preference Expression public list. Their position is close to that of some of the ad-tech and online media companies that have taken part in W3C discussions on ...

My mother's family are all from Aberdeenshire where I spent the best part of my childhood. We would relocate our company to Scotland in a heartbeat if it stays in the EU. So, I was not happy when a "digital law specialist" from Glasgow, Heather Burns, published my personal data ...

A proposal for restricting user indentifiers to site-specific contexts. The DNT Tracking Preference Expression document ( TPE ) allows for the registration and communication of site-specific consent, but there is no verifiable or transparent way to implement this using HTTP cookies. Although servers can stop using UID cookies when the ...