Microsoft will give Windows 8 users 'Do Not Track' options for IE10

Goes with EU suggestion for 'first-run' choice on browser privacy feature

Microsoft today said users of Windows 8 will be able to change the default setting for the "Do Not Track" privacy feature in Internet Explorer 10 (IE10) when they first run the new operating system.

Do Not Track (DNT) signals whether a user wants online advertisers and websites to track his or her movements. All five major browsers -- Chrome, Firefox, Internet Explorer, Opera and Safari -- can send a DNT signal.

In May, Microsoft announced that DNT would be switched on by default for IE10. That stance has not changed -- if users take no action, the feature will be enabled -- but today the company's chief privacy officer noted that customers can modify the setting if they want.

Setting choices after installation but before software runs is often described as a "first-run" option.

"DNT will be enabled in the 'Express Settings' portion of the Windows 8 set-up experience," Brendon Lynch, Microsoft's chief privacy officer, said in a Tuesday post to a company blog. "There, customers will also be given a 'Customize' option, allowing them to easily switch DNT off if they'd like."

Like earlier editions of the operating system, Windows 8 will offer users alternatives when they first run the software. The Express option accepts the defaults Microsoft has set, including DNT, and is assumed if the user does nothing but proceed with the setup.

Customize lets users modify the default settings before running Windows 8 for the first time. "By using the Customize approach, users will be able to independently turn on and off a number of settings, including the setting for the DNT signal," Lynch promised.

When the user allows Express to complete the Windows 8 setup, they will see what Lynch called a "prominent notice" that tells them IE10 will have DNT switched on.

"Microsoft keeps Do Not Track by default in Win[dows] 8 and IE10, but makes it a first-run option. Hard to argue with that," said Jonathan Mayer in a Tuesday tweet.

Mayer, a researcher at Stanford's Center for Internet and Society (CIS), is one of two Stanford students who devised the HTTP header concept used by browsers to signal a user's DNT decision. He is also active in discussions by the Worldwide Web Consortium (W3C) standards-setting group to finalize DNT's implementation.

In the past, rivals have complained about how Microsoft structures its Express settings, and have claimed that few users select the Customize alternative.

Lynch said feedback drove Microsoft to spell out how IE10 will handle DNT.

"Since [May], we have conducted additional consumer research that confirmed strong support for our 'consumer-privacy-first' approach to DNT," claimed Lynch. "We have also discussed our point of view with many interested parties, who want to learn more about how our customers will first experience and control the DNT setting in IE."

It's clear there are "interested parties" in Microsoft's unilateral decision to turn on DNT.

In June, for example, European regulators urged the W3C to let Microsoft set DNT as on in IE10, even though the standards body leaned toward requiring users to explicitly making a choice.

At that time, Robert Madelin, who heads the European Commission's Information Society and Media Directorate-General, told the W3C that it was enough that users be informed of the default DNT setting and given the opportunity to change it.

Madelin also suggested that a first-run option, like the one Microsoft has adopted, would be appropriate and acceptable to EU officials.

In an interview two months ago with Computerworld, Mayer said at least two other browser vendors were interested in also pushing DNT through a first-run option. He declined to name the browser makers.

Online advertisers have balked at browsers that turn on DNT without asking users, essentially hoping that the standard will not be widely adopted if the signal must be manually switched on.

IE10 will also be available to Windows 7 users, but the process will be different for them, said Lynch. "Windows 7 customers using IE10 will receive prominent notice that DNT is turned on in their new browser, together with a link providing more information about the setting," he said.

Lynch's description could be read as meaning that there will be no first-run option when Windows 7 customers upgrade to the new browser. Microsoft was not immediately able to clarify what DNT choices Windows 7 users will see when they upgrade.

Microsoft has declined to disclose its release plans for IE10 on Windows 7.

Windows 8 -- and thus its version of IE10 -- will go on sale Oct. 26.

While Microsoft and the European Commission may see eye-to-eye on DNT, they are at loggerheads on other browser issues.

Last month, the Commission's top antitrust regulator threatened Microsoft with massive fines after the U.S. firm failed to offer 28 million European customers a choice of browsers.

Microsoft had agreed to show Windows users a browser ballot as part of a settlement it struck with the Commission in late 2009.

The Commission is also reportedly investigating charges that Microsoft has blocked rivals from harnessing the power of Windows 8 for their browsers.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is

See more by Gregg Keizer on

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gregg Keizer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts