I assume that's a joke :) I agree that Do Not Track and anything that looks like that RFC are useless, but they assume bad actors and includes software that doesn't run on the users machine. What I'm talking about assumes good actors and code running only on the users machine. MS and others already have ways to disable the telemetry, usually, so they want to play nice. With open source software, it's easy enough to check the code is looking at the environment variable and doing the right thing with it. Closed software still shouldn't be trusted, nothing will fix that.

Check the date on the RFC.

HA! And yet 'Do Not Track' was proposed in 2009 and actually put into practice. Guess they didn't get the joke either :)

What I'm proposing isn't either of those things though. It doesn't rely on just promises of other people. I can see the code I'm compiling and running on my machine and, as long as I don't let anyone else modify it arbitrarily, I can be sure it's doing what the code said. Yes, mistakes happen and sneaky code happens but, for a vendor that actually wants to play nice, too many mistakes or even a single attempt at sneaky code will ruin their reputation.

And, again, I know this won't fix closed source code or malware.

Microsoft sends enough telemetry that they alone could make the DO_NOT_TRACK registry key completely worth it.