Mayer's research when at Princeton studied the feasibility of tracking web browsers with partial identifiers like display resolution and extensions. His advisor was Professor Edward William Felten. Mayer's research found that it was possible to fingerprint web browsers, but could not guarantee the global uniqueness of a browser's fingerprint. The Electronic Frontier Foundation's subsequent study reached the same conclusions using a bigger data set. There are businesses now using browser fingerprints in products.
In mid-2010, Mayer and another Stanford researcher Arvind Narayanan argued for Do Not Track in HTTP headers. They built Do Not Track prototypes for clients and servers. Working with Mozilla, they wrote the influential Internet Engineering Task ForceInternet Draft of Do Not Track. Ultimately the World Wide Web Consortium has begun standardizing Do Not Track through the Tracking Protection Working Group. Mayer was an active and influential participant in this group and has been described as "key spokesperson" who had a "more interesting and productive career as a student than most tenured faculty". Mayer's thoughts about Do Not Track have concerned online advertising businesses. Randall Rothenberg, CEO of the Interactive Advertising Bureau, called him a "Bolshevik of the Internet world" and "anathema to anybody who's trying to earn any kind of living using the digital supply chain." At one point, the Senior Director of IAB tried to get Mayer kicked out of his studies at Stanford. On July 30, 2013 Mayer resigned from his job with the W3C working group. His resignation letter faulted advertising members for impeding progress and W3C for bad leadership. Some working group members later tried to bring him back as a leader but this did not happen.
Between 2011 and 2012 Mayer posted on illegal web tracking businesses. His contributions include the following.
Most advertising businesses track users even after users opt out of cookies.
Epic Marketplace has used CSS history sniffing to uncover medical and financial information for advertising purposes. The business contested Mayer's research as "bogus". However, the Federal Trade Commission later brought complaints against Epic Marketplace, citing Mayer's research.
Microsoft has used ETags to track people and create zombie cookies on some websites. Microsoft stopped this practice after it was brought to their attention.
User websites leak personal information to other websites. In 2012, Mayer found leaks on Barack Obama's and Mitt Romney's election websites even though both candidates claimed that all this information was anonymous.
Google and other businesses have circumvented Apple Safari cookie blocking, as the 'Wall Street Journal reported on its first page. After this, the Federal Trade Commission fined Google $22.5 million. Google settled with state attorneys general for $17 million. This FTC fine was the largest in that agency's history.
Mobile application privacy policies
The California Online Privacy Protection Act requires websites to post privacy policies. Attorney GeneralKamala Harris argued that this law applies to mobile applications as well. Mayer was a consultant for implementing that law on mobile applications. That initiative produced a large settlement with all mobile platforms on February 22, 2012.
In December 2012, Mayer proposed that Mozilla Firefox use the same cookie blocking mechanism as Apple Safari. He wrote the code patch as a community contributor and Mozilla adopted it. Representatives from the online advertising business have objected and criticize both Mayer and Mozilla. Businesses also had Congress members write letters to Mozilla. It was expressing false concerns about abducted children and natural disasters. Mozilla has since changed from Safari's cookie blocking mechanism, instead joining up with Cookie Clearinghouse's privacy initiative. Mayer has said that he is disappointed in Mozilla's decision but remains involved on the advisory board for Cookie Clearinghouse.
After Edward Snowdenleaked documents in 2013, Mayer has researched National Security Agency laws. One of Mayer's projects has focused on Internet surveillance with FISA Amendments Act. Mayer concludes that NSA's "one-end foreign" rules allow them to spy on American citizens. His conclusions are part of the Director of National Intelligence Review Group on Intelligence and Communications Technologies reporting. Another of Mayer's projects has looked at telephone metadata in conjunction with the Patriot Act. Working with another Stanford researcher, Patrick Mutchler, Mayer concludes that metadata is very sensitive.
