Hacker News new | past | comments | ask | show | jobs | submit login

No. Privacy is generally considered a right. Opt-in/off-by-default is the correct position.



I'd be happy to compromise on a single question, asked once per device:

Would you like advertisers to be able to track you (Yes) (No)

Of course advertisers know full well people will press No, and that will harm their income.


Exactly, although I would never hit yes I think it is important to give customers the opportunity to make their own, educated choice.


That isn’t consistent with the difference in dependency on advertising that occurs from app to app. It could be, however, that the device-level prompt could set the default for future app-level prompts. (That sounds annoying in retrospect, but maybe the right way.)

Another consideration is your point that preventing ads will harm advertisers’ income. In some cases, hurting income is an acceptable loss, but in others where the service is sustained by advertising, less so.

Perhaps another compromise could be to allow apps that do not accept the tracking prompt to only access basic functionality, with an explanation that the tracking supports their premium service. That’s a very different world for Facebook and others.


If you want to make tracking opt-in, that's great. Doing so would obsolete the do-not-track header. But do-not-track was never going to do that itself. The purpose of do-not-track was to be an explicit declaration of intent. Trying to co-opt it benefited no-one.


I see what you’re saying. I generally agree with implementing designs and standards along the lines of their intent.

On this particular issue, I’ve pretty much decided for myself that individually tailored advertising, net-wide implicit tracking and surveillance capitalism in general need to be banned, or owned by the commons and walled with fine grained permissions. I’m waiting for the tech world to catch up.


Seeing this from the inside - I believe that large/reputable advertisers have no problem[1] with e.g. GDPR being opt-in, because it's a law that levels the playing field. With DNT, the question was "who blinks first" - it was all too easy for some players to take the stand that "it's not user intention thus it's irrelevant" in order to force everyone else to do the same. MS abused the industry-defined standard and twisted it into something that it was not meant to be, so then it became ignored.

[1] Ok, not "have no problem", it's a lot of technical work that is not "feature" and they need to pay for. But again, rules are the same for everyone, and "full GDPR support" can be sold as a feature, so they're largely fine with it. There's also slightly inconsistent interpretation of the law, depending on company. That's also to be expected, some niche players will push the boundaries of the law hoping to get market share, while the larger ones/that have more to lose will remain somewhat conservative and just tell their clients "our interpretation is correct, if you want to go with the niche players suit yourselves, your risk". In time, as courts set legal precedents for the interpretation, this will smooth out.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: