Prefer:safe is bad

Prefer:safe is a new misfeature in Firefox and Internet Explorer that is supposed to make Web “safer” for “young users and family members whose needs related to trust and safety may differ”. Read about it in Mozilla’s blog.

Web browsers implementing this feature report to all visited web sites whether your computer have parental controls enabled by sending a special HTTP header Prefer: safe.

Why it is bad

• It violates privacy. When you turn on parental controls in your operating system you do not expect, your browser to report this choice to every web site. But this is exactly what Prefer:safe does: it makes every web site know that you turned on parental controls.
• It enables ads targeting kids. When your browser reports that you turned on parental controls, it allows advertizers and marketers to target kids.
• It enables banning kids from using web sites.
• It outsources parental controls to website operators.
• It sets a dangerous precedent. What if courts decide to consider not censoring your web site when it receives Prefer:safe as knowingly serving “objectionable” content to minors? What if governments will require censoring web pages based on what HTTP headers are sent by the browser?
• It puts peer pressure on web site operators to self-censor. It is not a web site operator's job to decide what your chidren can and cannot see, but if this header is introduced, some web site operators will receive complaints for not implementing self-censorship, or not implementing enough of it, even if they disagree with what “objectionable” content means.
• It introduces another useless HTTP header. We have enough of them, thank you.