Mozilla will remove the “Do Not Track” privacy option from the Firefox browser, with the change already effective in development versions of the browser.
While Do Not Track is still available in stable releases of Firefox, it is retired in Firefox version 135, with the changes apparent in the latest Firefox Nightly development releases, according to Windows Report.
Do Not Track (DNT) is a feature that was first developed in 2009, with Firefox being the first browser to implement DNT in 2011. When DNT is activated, the browser sends out a header signal to websites indicating the user’s preference to not have their activity data collected, stored or shared.
However, as Mozilla states on its updated DNT support page, many websites ignore the header signal as there is typically no legal or regulatory requirement for them to respect it. Mozilla also stated that “in some cases, it can reduce privacy,” but did not provide further details about how DNT could negatively impact privacy.
SC Media submitted a media inquiry to Mozilla regarding potential privacy risks of DNT and did not receive a response.
There is evidence to suggest that DNT could give users a false sense of security. A survey by privacy-focused search engine company DuckDuckGo in 2019 found that more than three-quarters (77.3%) of respondents were not aware that companies could choose to ignore a user’s Do Not Track preference, including 41.4% of users who had the option enabled themselves.
The DuckDuckGo survey also found that about 23.1% of respondents had consciously enabled DNT on their browsers, which is typically not enabled by default, and that Firefox users were the most likely to have their DNT setting set to “always” compared with users of other major browsers. Nearly a third of Firefox users surveyed (32.3%) selected this option.
Firefox is not the first major browser to ditch the Do Not Track option: Apple removed it from Safari in March 2019, stating in its release notes that the reason was to “prevent potential use as a fingerprinting variable.” This suggests the possibility that a user’s DNT preference itself could be used by websites and advertisers as another piece of data to identify and track a user.
With the removal of DNT from Firefox, users will still have the option to use the “Tell websites not to sell or share my data” setting in the browser, which is based on the Global Privacy Control (GPC) header. GPC, first created in 2020, could be considered a more robust successor to DNT, as it sends similar header signals to websites but is more widely respected and is more strongly enforced through privacy laws like the California Consumer Privacy Act, as noted by the International Association of Privacy Professionals.
The CCPA states businesses cannot sell or share personal information from users who request to opt out, “including via a user-enabled global privacy control,” and in 2022, beauty retailer Sephora agreed to pay $1.2 million settlement with California for its alleged violations of the CCPA due to failures to honor GPC opt-out requests.
Firefox also has additional measures to block websites from tracking its users, including its Enhanced Tracking Protection, implemented in 2019, that blocks third-party tracking cookies by default.
