Under a new policy announced today, Twitter will be suggesting accounts for Twitter users to follow based on data collected from an individual’s browsing habits on websites that have embedded Twitter buttons. While this is sure to garner scrutiny from the press and public, Twitter is also taking a pioneering step toward respecting users’ privacy choices: it has committed to respecting Do Not Track -- a simple browser setting users can turn on to tell website they don’t want to be tracked. Often framed as a signal from users to behavioral advertisers, Do Not Track isn’t actually about ads we see online; it’s about user control over tracking of our web usage that could be used to build an intimate portrait of our online lives. Twitter is showing an inventive way that websites other than behavioral advertisers can respect Do Not Track. We’re heartened to see this forward-thinking approach and hope other sites with embedded widgets will follow suit.

If you haven’t done so already, this is a great reminder to turn on Do Not Track; Twitter has a tutorial for doing this on different browsers.

Here’s how the suggested accounts will work under the new Twitter privacy policy: when you browse around the Internet to pages with embedded Twitter share buttons1, Twitter is able to collect a certain amount of information about you through a unique browser cookie. Then when you sign up for or log into Twitter, the site will be able to suggest that you follow the accounts of individuals who are popular among others who visited the same sites as you. Twitter calls this “tailoring” your Twitter experience based on your web browsing.

For example, many of those who visit BoingBoing.net likely follow the account of @doctorow, the digital-rights-loving BoingBoing founder Cory Doctorow. If you sign up for Twitter and you’ve got a browser cookie from Twitter showing that you recently visited BoingBoing, you might see @doctorow listed as a suggested user even before you’ve started interacting with Twitter. Twitter will be relying on data collected about your browsing habits within the last 10 days (after 10 days, they start discarding data). When you start a Twitter account, you’ll have the option to turn off the tailored suggestions. Unchecking this box won’t just stop the suggestions from appearing – it’ll actually remove the unique cookie that Twitter uses to track your browsing habits and show you tailored user suggestions.2

Established Twitter users may find suggested users under the "Who To Follow" sections of Home and Discover. Just like with new users, established users can uncheck the “tailor” Twitter box in their account settings to stop the data collection about their web browsing.

Do Not Track makes this a lot simpler – no messing with account settings or unchecking any boxes to keep your privacy. If you’ve got Do Not Track selected in your browser settings, then Twitter assumes you just don’t want them collecting details of your online browsing habits in an identifiable way. Users who have turned on Do Not Track will find, upon signing up for Twitter, that the “tailor Twitter” button is unchecked by default. Similarly, established users who had Do Not Track already enabled in the days before the new policy took effect will also find the account personalization turned off by default. Users who enable Do Not Track must change their privacy settings if they want the “tailored” Twitter experience.

As with Facebook, Twitter also treats users differently depending on whether or not they are logged out. If you’re a Twitter user wanting to protect your browsing privacy, then remember to log out when you leave the site so that Twitter won't associate your online browsing habits with your Twitter account.

There’s sure to be a lot of discussion about Twitter’s decision to use data collected through social widgets for increased site personalization. If nothing else, this is a good opportunity for everyone to reconsider the nature of our highly trackable online lives, where corporations we do and don’t have relationships with can vacuum up highly sensitive data about what we do on the web and even a savvy user can’t win the arms race against online tracking. This is exactly the promise of Do Not Track: to make it easy for everyday Internet users to clearly indicate a preference not to be tracked around the web, whether it’s by a social network or an advertiser or another data-hungry corporate entity. 

We’ve previously examined Facebook’s practices when it comes to collecting browsing data on users and urged it to respect the Do Not Track flag. So, in the wake of Twitter’s decision to respect Do Not Track, we’re calling on other social networking sites to start respecting user choice as well. The time has come for websites to start listening to users when it comes to privacy, and there’s no easier way for a user to tell companies “Don’t track me” than to turn on Do Not Track.

Get started now by checking out the tutorial Twitter created for turning on Do Not Track.

  • 1. Eff.org has Twitter icons that allow visitors to share content from our site on Twitter but we have chosen not to embed Twitter code on our site, so visiting eff.org will not result in data about your visit going to Twitter.
  • 2. Note: this doesn’t mean Twitter will stop collecting all data on you. They’ll still be able to collect aggregate data about your browsing habits for analytics and security, but they won’t set a cookie and they won’t use data to suggest users to you or tailoring your Twitter experience.