Arvind Narayanan : 2011 Security Workshop


Monday, April 11, 2011
Location: Fisher Conference Center, Arrillaga Alumni Center

"Tracking on the Internet and the DoNotTrack Header"
11:15am - 11:45am


Online tracking is one of the hot-button privacy issues today. Third-party web tracking is pervasive: the average top-50 website incorporates 64 independent mechanisms for tracking visitors over time and across sites. It is also unpopular: numerous studies have shown the vast majority of Americans oppose the practice.

Do Not Track is a simple and universal mechanism to opt-out of third-party tracking: it is a single browser setting which triggers an HTTP header to be sent along with all web requests indicating to websites that the user does not wish to be tracked. It is superior to the cumbersome and failure-prone status quo of setting opt-out cookies. An evolving standards specification defines the steps that websites need to take to comply with the Do Not Track header.

Over the last several months, Stanford student Jonathan Mayer and I have created and maintained, a source and clearinghouse for technical specification and policy analyses of Do Not Track. In my talk I will describe the problems with tracking and a range of technical and policy solutions including Do Not Track.


Arvind Narayanan is a post-doctoral fellow at the Stanford Computer Science department and a Junior Affiliate Scholar at the Stanford Law School Center for Internet and Society. He studies privacy from a multidisciplinary perspective, focusing on the intersection between technology, law and policy. His research has shown that data anonymization is broken in fundamental ways, for which he jointly received the 2008 Privacy Enhancing Technologies Award. He is one of the researchers behind the "Do Not Track" proposal ( and blogs at