Where Do Not Track gets complex is in deciding what actions to take when your website receives a DNT header. This guide does not attempt to define tracking, nor does it proscribe what it means for your site to comply with an incoming DNT header. The purpose of this guide is to help you understand some of the common choices available to you, so that you can make the best decisions for your site and your users.
There are many different definitions of tracking that have been published. You may find it useful to read some of the additional resources at the end of this document. For example, some advertisers are calling for “Do Not Target” rather than “Do Not Track,” allowing data collection to continue unchanged. However, the original FTC staff document called for limitations of data collection, not just data use, after users express a Do Not Track preference. FTC Commissioners and staff continue to discuss Do Not Track as pertaining to both data collection and use.
Another point of contention is whether DNT applies to first-parties as well as third-parties, plus disagreement on what a first-party is. For example, are widgets like the Facebook Like button first-party or third-party? Are analytics companies bound by that are contract not to use data beyond analysis for their clients to be treated like first-parties? Even with the contours of DNT agreed upon, different parties call for a variety of exemptions. For example, financial companies want to collect and use data for fraud prevention, even for users signaling DNT. Other possible exemptions that companies have requested include billing for ads, analytics, ad rotation or frequency capping, research and development, federated login, and to provide data to law enforcement.
Early research shows that users expect DNT to be broadly defined across first and third parties, that it would include data collection as well as data use, and that they would be surprised by exemptions, with the possible exception of fraud prevention and law enforcement. The more broadly you define DNT, the more likely you are to meet your users’ expectations and earn their trust.
Previous: How Do Not Track works
 McDonald, Aleecia M., and Peha, Jon M. User Expectations for Do Not Track. 39th Research Conference on Communication, Information and Internet Policy (Telecommunications Policy Research Conference) September 23-5, 2011, in preparation.