Re: draft-ietf-http-state-mgmt-01.txt LAST CALL from Koen Holtman on 1996-06-15 (ietf-http-wg@w3.org from April to June 1996)

From: Koen Holtman <koen@win.tue.nl>
Date: Sun, 16 Jun 1996 00:29:29 +0200 (MET DST)
To: Marc Salomon <marc@pele.ckm.ucsf.edu>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <199606152229.AAA16010@wsooti04.win.tue.nl>

Marc Salomon:
>koen@win.tue.nl wrote to snowhare@netimages.com:
>on emulating 1:n domain cookies...
>|You will have to work more than just slightly harder.  And after you
>|deploy such a system, it will inevitably be discovered, and it will
>|result in bad publicity not just for you but for the entire web.  But
>|at least this bad publicity won't involve stories about browser
>|vendors and the IETF being on your side in the battle over privacy.
>
>Putting on my political science hat, this is essentially a regulatory
>issue.

This is not really a regulatory issue, at least not in Europe.  I have
been told by people who get paid to know that in Europe, it is not
rules and regulations which prevent companies from sharing customer
data (and it sure also is not the lack of technical means to do it),
it is the fear of being crucified by the mass media.

[...]
>If people disable 1:n domain cookie
>confirmation dialogues (with whois data for each domain), as required
>by some IETF draft, then caveat emptor as they take control of the
>situation, and the IETF is still on the side of privacy.

There being a requirement in an IETF draft which might legally put you
on the safe side is not good enough if you are being crucified by the
mass media.  But it is not the public image if the IETF I am worried
about, as far as the general public is concerned, the IETF does not
exist.  It is the public image of browser vendors I am worried about,
because if browser vendors are crucified by the media, this will have
a real negative impact on the internet.

We can't go and standardize mechanisms which increase the chance of
browser vendors being crucified.

[...]
>  But sadly enough, at least here in the USA, the
>prevailing sentiment is that corporations are the overtaxed valiant
>innovators bringing us a world of choice, convenience and a job if
>we're lucky.  Most people here couldn't care less what data are
>gathered and shared about them by corporations and probably see it a
>as feature.

In Europe, people still care a lot about data being gathered and
shared about them.  This is maybe why I am more concerned about
privacy-connected publicity disasters than you are, maybe such
disasters are more likely to happen in Europe.  One of the main risks
to the deployment of internet commerce in Europe is the European
public loosing trust in the internet as a medium that works to protect
their privacy.

>-marc

Koen.

Received on Saturday, 15 June 1996 15:32:55 UTC