Apple Removing “Do Not Track” Placebo from Safari in Favor of Intelligent Tracking Prevention

Apple will be removing the “Do Not Track” feature in Safari 12.1, citing it as an “expired standard” that actually has the potential to decrease user privacy, preferring to instead focus on its new Intelligent Tracking Prevention feature that debuted with iOS 11 and macOS High Sierra.

According to the Safari 12.1 release notes, the upcoming version of the browser, which is already included in the iOS 12.2 and macOS 10.14.4 betas, will “Remove support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable.” The release notes also indicate security improvements to Intelligent Tracking Prevention, adding “new permission requirements for third-party cookies and new limits for long-term tracking.”

While “Do Not Track” sounds like a great idea, ostensibly offering the ability for users to prevent themselves from being tracked on the web with the simple flick of a switch, in practical application it has absolutely no effect. The setting promised to “send a special signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity” but the problem is that nobody was actually required to pay any attention to this “special signal.”

In short, when the setting was enabled, the request made by Safari (and other browsers) would be essentially falling on deaf ears. While many web sites may not have explicitly chosen to ignore the request, there was little motivation for developers to take the time to honor it either.

However, since many users don’t understand this, and it’s very easy to take a setting that says “Do Not Track” at face value, it actually offered a false sense of security, potentially doing more harm than good. A recent study by privacy-focused search engine DuckDuckGo found that 23–25 percent of U.S. adults had consciously enabled the setting in various browsers, and that almost half of the respondents who were even “slightly familiar” with the setting had no idea that it is entirely voluntary for websites to respect it, and that most major tech companies in fact do not.

It can be alarming to realize that Do Not Track is about as foolproof as putting a sign on your front lawn that says “Please, don’t look into my house” while all of your blinds remain open. In fact, most major tech companies, including Google, Facebook, and Twitter, do not respect the Do Not Track setting when you visit and use their sites – a fact of which 77.3% (±3.6) of U.S. adults overall weren’t aware.

DuckDuckGo

“Do Not Track” was originally added to Safari several years ago, making its debut in OS X Lion in 2011. While the standard, which was proposed by the FTC in 2010, seemed like a good idea at the time, it was never made mandatory for either browsers or websites.

Apple also notes that dropping support for “Do Not Track” will prevent its “potential use as a fingerprinting variable,” suggesting that turning the feature on can actually be a privacy risk. While Apple doesn’t expand upon what it means by this, since “Do Not Track” sends a signal with every browsing session, it does provide an additional “fingerprint” that can be used by advertisers and analytics companies with no actual benefit to the user in return.

Apple’s removal of “Do Not Track” is a positive step overall, since it will take away the false sense of privacy that was inferred by the setting. Instead, Apple will continue to focus on its Intelligent Tracking Prevention, which has already been proven to have tangible benefits, as evidenced by the amount of negative feedback that it’s been getting from advertisers. Intelligent Tracking Prevention was released in the fall of 2017 with iOS 11 and macOS High Sierra, and significantly improved into a “version 2.0” with iOS 12 and macOS Mojave last fall.