AdguardBrowserExtension icon indicating copy to clipboard operation
AdguardBrowserExtension copied to clipboard
verified publisher icon AdguardTeam

'Do Not Track' feature should be removed from the Tracking Protection section

Open SeriousHoax opened this issue 5 months ago • 15 comments

Issue Details

The Do Not Track feature is not respected by most websites and in fact often it is used for the purpose of tracking. Firefox in version 135 removed it from their browser for this reason. Apple removed it from Safari in 2019.

Image

Relevant links: https://techcrunch.com/2024/12/11/mozilla-removes-do-not-track-setting-from-firefox-because-it-was-useless/ https://gizmodo.com/do-not-track-the-privacy-tool-used-by-millions-of-peop-1828868324 https://umatechnology.org/why-enabling-do-not-track-doesnt-stop-you-from-being-tracked/

Proposed solution

The Ask websites not to track you feature should only support Global Privacy Control.

Image

Alternative solution

This should be done not just for the AdGuard Extension but also for all AdGuard products like AdGuard for Windows, AdGuard for Android and so on.

SeriousHoax avatar Jul 15 '25 16:07 SeriousHoax

@SeriousHoax Hello! Thanks, we'll think about it

dmitriivqa39 avatar Jul 16 '25 14:07 dmitriivqa39

@SeriousHoax

Yes, I also find the coexistence of GPC+DNT annoying. So I disabled the setting. I wrote a rule that enables GPC on the client side. The rule resolves 2/3 of the test specifications:

Image

, but unfortunately an extension is required on the server side. I chose to use ModHeader - Modify HTTP headers to send Sec-GPC 1.

Image Image

SampeiNihira avatar Aug 10 '25 17:08 SampeiNihira

@SampeiNihira Thanks for the suggestion. I was able to set it up using your suggested extension. But what rule do you use for the client-side detection? I am having to use an userscript. Is it possible via an adblock rule?

SeriousHoax avatar Aug 10 '25 19:08 SeriousHoax

Enter this rule I wrote in AG:

*#%#//scriptlet('set-constant', 'navigator.globalPrivacyControl', 'true')

P.S.

Of course, the opposite approach would also be possible. Leave the GPC+DNT setting enabled and block “navigator.doNotTrack” with a rule, + block HTTP DNT with ModHeader.

But my first method is better because it can also be exported to other adblockers, such as uBlock Origin. Obviously, with a different rule syntax to be entered in my filters.

SampeiNihira avatar Aug 10 '25 21:08 SampeiNihira

@SampeiNihira Thanks for the simple solution. I was asking AI chatbots before seeing your answer and none of them suggested using scriptlet. After giving ChapGPT this scriptlet it suggested to me use trusted-set-constant.

*#%#//scriptlet('trusted-set-constant', 'navigator.globalPrivacyControl', 'true')

Apparently this makes it seem like a native browser like implementation and forces websites to honor it and not try to change the value. I don't know how accurate this info is.

SeriousHoax avatar Aug 11 '25 05:08 SeriousHoax

In my opinion, my rule is more compatible but less aggressive. The rule you wrote is more aggressive but may not work on all websites. Considering that the GPC and BrowserLeaks tests GPC+DNT have been passed, I remain faithful to my rule.

Of course, only an expert from the AG team knows the exact answer.

SampeiNihira avatar Aug 11 '25 07:08 SampeiNihira

Gemini wrote this scriptlet for uBlock Origin that tests OK at the the GPC website: *##+js(set-constant, navigator.globalPrivacyControl, true)

sillyjaybird avatar Aug 11 '25 16:08 sillyjaybird

Just saw that in the Privacy Badger issue, it was mentioned that the German court banned LinkedIn from ignoring "Do Not Track" signals in 2023. So the argument is that the DNT signals still has value in some cases. So I'm a bit more confused now. Maybe a separate option as suggested by the OP of the below issue would be the better solution https://github.com/AdguardTeam/CoreLibs/issues/1982

SeriousHoax avatar Aug 12 '25 13:08 SeriousHoax

@SeriousHoax The separate option idea was rejected by PB developer. See the last comment. https://github.com/EFForg/privacybadger/issues/2950

sillyjaybird avatar Aug 12 '25 15:08 sillyjaybird

@sillyjaybird Yeah, I saw that. Let's see what AdGuard decides.

SeriousHoax avatar Aug 12 '25 15:08 SeriousHoax

It is interesting to note that in Firefox, “navigator.doNotTrack” = unspecified, whereas in my Edge browser, for example, it has a value= null. To achieve almost the same thing, Edge considers it "undefined", so an rule would need to be added:

Image

SampeiNihira avatar Aug 12 '25 16:08 SampeiNihira

Hello @SeriousHoax! Do you have any new suggestions?

dmitriivqa39 avatar Sep 02 '25 17:09 dmitriivqa39

@dmitriivqa39 Hi! I think for the sake of user choice, giving separate options for each feature might be the better solution. So if a user wants to only use Do Not Track, then they can enable that; if they want only Global Privacy Control, then they can enable that. Those who want both can enable that also. The current state of combining both into one option is not ideal, IMO.

SeriousHoax avatar Sep 02 '25 17:09 SeriousHoax

@SeriousHoax Thanks, we'll think about it

dmitriivqa39 avatar Sep 02 '25 18:09 dmitriivqa39

@SampeiNihira According to code, the unspecified value is defined by Firefox. The default value of navigator.doNotTrack is null in all chromium-based browser when do not track header is not enabled. No need to worry about that, because DNT is "Non-standard: This feature is not standardized", therefore the different browser(like gecko-based / chromium-based) may define their default values differently.

shNzshNz avatar Sep 14 '25 20:09 shNzshNz