On Mon, Aug 27, 2018 at 1:57 PM Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > -------- > In message <CAKXHy= > fU4odq4Khtbxk-c+D+hkaCnJyUbEPmk8PiRN+jfND_uw@mail.gmail.com> > , Mike West writes: > > >> But we are not seing this with DNT or private browsing mode, are we ? > >> > > > >We are. Visit the Boston Globe in private mode, [...] > > Works for me, but that's maybe because I'm in GDPR-land ? > Idunno. https://arstechnica.com/information-technology/2017/05/boston-globe-website-no-longer-lets-you-read-articles-in-private-mode/ has a screenshot of what I saw. Perhaps they have some heuristics around the blocking behavior? >You would think that, wouldn't you. My impression is that that's not > >exactly how it's playing out. > > I still think we should let clients set the "ephemeral" bit as appropriate. > > If servers react negatively to that, they automatically self-declare > as not respecting the clients desire for privacy, and that seems > the best outcome: It leaves the initiative with the client who > gets to decide if they want to be tracked or want to boycott the > sites that do so. That's a reasonable argument. I think I fall on the other side, suggesting instead that user agents should attempt to make private browsing appear similar-enough to regular browsing so as to remove the ability to treat them differently, rather than attacking the incentives. Either way, I think assigning meaning to particular bits in the identifier is something user agents could certainly choose to support. -mike
Received on Monday, 27 August 2018 12:06:36 UTC