Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to ensure privacy in the age of HTML5

Chris Minnick and Ed Tittel | June 26, 2013
New APIs in the forthcoming HTML5 make it much easier for Web applications to access software and hardware, especially on mobile devices. The W3C is taking privacy seriously as it puts the finishing touches on HTML5, but there are still some important things to consider.

Solutions for Protecting Privacy Few and Far Between
The World Wide Web Consortium's Platform for Privacy Preferences Project (P3P) was designed several years ago to tackle just this sort of problem by creating a standard language websites could use to communicate their privacy policies. With P3P, browsers could inform users of site policies and even let them opt out of visiting sites with policies they weren't comfortable with. P3P never caught on with browser makers, however, and its work has been suspended.

Nowadays, the W3C's Privacy Interest Group and Tracking Protection Working Group represent just two of the ongoing efforts to increase and standardize security and privacy on the Web-and in HTML5.

Perhaps the most notable advance in browser privacy in recent months is the implementation of the Do Not Track (DNT) specification by all major browser makers. Some browsers, including Internet Explorer 10, have gone so far as to enable DNT by default.

DNT is a browser preference sent via the HTTP header to Web sites. As protections go, it's actually pretty weak, as websites currently must voluntarily abide by a user's preference to not be tracked.

Although the advertising industry has generally said it would respect DNT preferences, little has been done about it. The proposed California Right to Know Act of 2013, for example, would allow people to ask businesses for a report of what the business knows about them. After being opposed by Internet industry lobbying groups, the Right to Know act has been withdrawn from consideration for at least the rest of 2013.

Absent a viable voluntary mechanism for websites to disclose their policies, legislation looks like the only good solution to a problem that's only getting worse as marketers gather more data about users. The head of the Federal Trade Commission, Edith Ramirez, recently urged the ad industry to make good on it DNT promise. In the meantime, Do Not Track legislation has been proposed in Congress, and the issue receives more attention as the standard continues to be hashed out.

 

Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.