Many websites track users’ visits and actively degrade content or provide unwanted personalization.
The following sites use tracking to block content for repeat visitors:
Glassdoor
NYTimes
Medium
Sites like YouTube will track what you watch and personalize the homepage.
Google/Facebook track people’s activity across websites for advertising purposes.
There are two features I’m considering to make user tracking more difficult.
Feature 1:
As a user,
I want to not be tracked across multiple websites by companies like Facebook/Google,
So my browsing history is more difficult for them to piece together.
Feature 2:
As a user,
I want a fresh experience on certain websites,
So websites will have difficulty actively degrading or personalizing my experience.
The solution I had in mind was to namespace cookies (in addition to the existing per-request namespacing) to the ETLD+1 (effective top level domain plus one) in the location bar.
E.g.
Feature 1 possible implementation:
Given cookie namespacing is enabled for (.*\.)*example\.com, and
Given I visit www.example.com, and
When the initial request is made for www.example.com, or
When subsequent requests are made by the page loaded at www.example.com,
Then the only cookies that will be sent with the request are cookies that were obtained while operating in the namespace associated with www.example.com
Feature 2 possible implementation:
Given I have designated a namespace as ephemeral,
When I close all tabs associated with the ephemeral namespace,
Then the cookies in the ephemeral namespace are deleted.
This would be most effective on an opt-out basis, but I understand that may break the user experience on some websites (e.g. moving from mystore.com to mystore.ecommerceprovider.com). There are ways to address this (e.g., namespace stickiness, or many-to-one ETLD+1-to-namespace mappings).
I’m not sure what the best user experience may be. I suspect opt-in would be the best way to launch the feature and metrics could show how often users have to add multiple ETLD+1s to a namespace.
What do people think about the suggested privacy enhancements? Any better approaches come to mind? Any additional problems to what I’ve already highlighted?