Do Not Track – Tracking? No thanks!

Do not track: HTTP header

Enable or disable tracking, that is the question. Being tracked makes many of us feel uncomfortable – whether in the analogue or digital world.But personal user data is exactly what almost every company is after, because such data can be excellently converted into money. Cookies, tracking pixels and other website tracking methods are welcome helpers.

On the other hand, it is in the interest of many Internet users to browse the vastness of the World Wide Web as anonymously as possible and, at best, not to disclose any personal data. This is where the so-called “Do Not Track” technology comes into play. In this article, you will find out what exactly is behind this method, how effective it is and how website operators can easily implement online tracking in a legally compliant manner.

Attention: This article is not legal advice! We as developers of WordPress plugins and contractors of website projects have dealt intensively with this topic, as it is essential in our daily work. However, we are neither lawyers, nor can we guarantee the completeness, timeliness and accuracy of the following information. In case of doubt, always consult a lawyer.

Do Not Track – what is that?

It is advisable to clarify in advance what exactly “tracking” means. The term “tracking” means something like “to follow”. The internet user is followed through the internet. In the course of this, data is recorded and, if necessary, collected, evaluated and used. In a separate article, we explain tracking on the internet in detail and how it works.

“Do Not Track” – often also spelled “donottrack” – is a web technology that is offered in almost every browser. More precisely, the Do Not Track function is an HTTP header field that automatically informs websites that the website visitors do not want their data to be collected and stored.

What data can be tracked?

Now that we have clarified the definition of Do Not Track or tracking in general, the question arises as to what data can be collected at all. The aim of tracking is to collect personal data – i.e. data that contribute to the identification of a person. You can read more about this in our separate article.

Is tracking dangerous?

Many internet users prefer to prevent tracking when browsing. Tracking has its good and bad sides. However, according to many data protectionists, the latter dominates.

Among other things, tracking cookies can help to significantly improve the user experience when browsing the internet, for example by retrieving stored information when a website is visited again. Tracking data can also be used to identify possible errors on a website and thus improve the user experience.

However, tracking cookies also have their downside. Data can be collected by third parties without you as a website visitor being aware of it. This data can then be used for advertising purposes or shared with other companies.

How does Do Not Track work?

The Do Not Track feature is disabled by default in most browsers, but can be enabled with just a few clicks.

For example, if you want to enable Do Not Track in Google Chrome, follow these steps:

  1. After you have opened the Chrome browser, click on the menu symbol in the top right-hand corner, which consists of three dots arranged vertically below each other.
  2. Then click on Privacy and Security → Cookies and other site data.
  3. Now you can activate or deactivate the function under Send a “Do Not Track” request with your browsing traffic.
  4. Done!

The Do Not Track setting can also be enabled and disabled super easily in Firefox. By the way, the function is already activated in private windows. To activate it manually, proceed as follows:

  1. Open Firefox.
  2. Click on Settings in the menu bar at the top.
  3. Go to Privacy & Security. You will now see the section Enhanced Tracking Protection under Browser Privacy.
  4. Under Send websites a “Do Not Track” signal that you don’t want to be tracked, you can now specify whether DNT should be executed or not. If you want to always enable DNT click on Always.

For website operators: A Do Not Track header is constructed in such a way that there is a 1 in the header field, which tells the respective website that the visitor does not want to be tracked. A 0 or another entry leads to the website being signalled that the visitor has no problem with tracking.

Do Not Track and the GDPR

Tracking and data protection are definitely not best friends. Advocates of data protection are of the opinion that Do Not Track headers are an effective means of taking action against the unwelcome processing of personal data within the meaning of Article 21 (5) of the GDPR.

The fact is that GDPR-compliant tracking can only take place if the user gives the active and informed consent and can revoke this consent at any time. The consent must be given according to the so-called opt-in procedure.

How useful is the Do Not Track function?

At first glance, the Do Not Track header seems to make a lot of sense. However, unfortunately only in theory because the signal that DNT (Do Not Track) sends is practically more wish than reality. Many websites do not take the Do Not Track mode very seriously because website operators are not obliged to evaluate the signal. That is why the giant Apple has declared the supposed tracking protection ineffective and has already removed it from its own browser.

This raises the question: Should you enable or disable the Do Not Track header?

First of all, the DNT function is switched off by default in modern browsers. In addition, many search engines – including the big player Google – do not comply with the Do Not Track command. Therefore, the Do Not Track header is only a request, but does not effectively prevent you from being tracked.

Is there an alternative to the Do Not Track header?

A better alternative to the Do Not Track header for website visitors are browser extensions such as adblockers. An adblocker is usually able to recognize and hide advertisements placed on a website. This means that website visitors are spared the display of advertising that is often perceived as annoying. Furthermore, adblockers can prevent user tracking by blocking the storage of cookies from specific advertisers.

However, there are also legally binding regulations for website operators so that they are not simply allowed to track everything and everyone at will.

Cookie Banner

According to the GDPR, the setting of non-essential cookies and the processing of personal data may generally only take place after the user has given active and informed consent – also known as the opt-in procedure. The easiest way to implement this is with the help of a cookie banner.

Global Privacy Control [Not legally binding]

Another alternative to the non-mandatory Do Not Track header is the Global Privacy Control (GPC) project. The initiative already has many supporters who want to work to protect the privacy of internet users.

The initiative advertises with the following slogan:

Online privacy should be accessible to everyone. It starts with a simpler way to exercise your rights.

The GPC feature can be installed in some browsers and plugins. It tells websites that they are not allowed to sell the personal data of the user concerned when visiting the website. In this respect, the GPC differs from many existing data protection tools, because these do not allow tracking, but nevertheless sell user data themselves.

Legally compliant tracking with Real Cookie Banner

With the Cookie Consent Plugin Real Cookie Banner, you can easily and quickly track your website visitors in accordance with the GDPR and ePrivacy Directive. Real Cookie Banner can automatically evaluate the Do Not Track header for you – if you wish.

Even before the user has full access to your website, they can give their consent to the setting of non-essential cookies and the processing of personal data. In this way, you kill three birds with one stone: you can collect relevant user data, provide your users with effective tracking protection and at the same time stay within the realm of the legal.