W3C: Microsoft's Web privacy proposal "has no formal standing"

Progress of Microsoft's proposed W3C standard greatly exaggerated

There are lot of stories floating around the Internet today about the World Wide Web Consortium (W3C) granting approval to a Web privacy standard proposed by Microsoft.

It sounds great for Microsoft, but there's one problem. It's not true. Well, not exactly.

Microsoft Internet Explorer VP Dean Hachamovitch blogged yesterday about how the W3C "has accepted and published Microsoft's member submission for an Internet standard to help protect consumer privacy."

Retro browser smackdown: IE6 vs. Netscape in 2011

Although Hachamovitch didn't quite say that the W3C has approved Microsoft's proposed standard, this blog, coupled with an email blasted out by Microsoft's public relations team, led to various articles creating the impression that Microsoft's standard is done and approved.

"Microsoft Web Privacy Features Meet W3C Approval," reads one typical headline

I received an email from Microsoft's PR firm yesterday morning with the subject line "W3C Accepts Microsoft's HTML5 Privacy Submission," and was quickly intrigued. I put aside the other articles I was working on and tried to find some proof that the W3C had approved this new privacy standard put forward by Microsoft.

The proof wasn't there, and I ended up going back to the work I had just abandoned. But I was surprised to see a flood of articles emerge suggesting that Microsoft had reached some major milestone. So this morning, I contacted the W3C to see what was actually going on.

Ian Jacobs, head of marketing and communications at the W3C, helpfully explained the standards process and where Microsoft's submission fits into it. The bottom line is Microsoft's submission "has no formal standing."

"Yesterday we announced a Submission from Microsoft," Jacobs writes in an email. "It has no formal standing. It might become input to a W3C Working Group, but it isn't yet. I believe Microsoft has said they would like it to become a standard, but to get there, we'd need a Working Group to take it up and through the usual process."

When I pointed out that the significance of yesterday's announcement seems to have been exaggerated by some, Jacobs replied that "Microsoft would like to see this become a standard. There is a difference between 'W3C has approved that it will become a standard'and 'W3C has published the document, which is potential input to the standards process...but that process hasn't happened yet.'"

"We are happy to have our Members submitting ideas for possible standardization within the broader community. W3C  also tries to be clear very about 'where we are in the process.'"

The final word from Jacobs is that "W3C has a lot of Privacy-related activity going on right now, and this Submission from Microsoft is part of that discussion. But for now it has no formal standing at W3C."

I contacted Microsoft officials this morning to see if they have any further comment, and a company spokesperson confirmed that "there are some inaccurate assumptions being made. The W3C accepted Microsoft's submission. This is basically step 1."

The next step is a workshop in late April to assess support for moving the process forward, Microsoft told me. "The significance of this for us is basically, this is a good demonstration both of Microsoft's commitment to the technology and to privacy, and demonstration that the industry takes our approach seriously and sees it as a potential solution to help provide choice and control for customers over their online privacy," Microsoft said.

While there is confusion over the standards process, the Microsoft submission could be an important step toward greater Internet privacy.

Microsoft's Internet Explorer 9, Mozilla's Firefox and Google Chrome, the three dominant browsers, have all been moving toward offering do-not-track features to consumers. Microsoft's submission is based on IE9's tracking protection.

As W3C explains in a blog, Microsoft's submission "proposes to standardize two elements: Filter lists that can prevent user agents from making requests to known Web servers that track users, and a do not track user preference that is exposed both as an HTTP header and a DOM property." You can read Microsoft's submission on the W3C site.

I'm in favor of almost anything that gives Web users greater privacy, and I'm interested in seeing where Microsoft's proposal will end up.

But has it already been approved? Is it a standard? Absolutely not.

Follow Jon Brodkin on Twitter.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Now read: Getting grounded in IoT