W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2015

Re: Super Cookies in Privacy Browsing mode

From: David Singer <singer@apple.com>
Date: Mon, 19 Jan 2015 16:01:07 -0500
Cc: public-privacy@w3.org
Message-id: <A7A241D4-0A25-45BD-BBC0-9A8E03C1C31B@apple.com>
To: Rigo Wenning <rigo@w3.org>

> On Jan 19, 2015, at 15:46 , Rigo Wenning <rigo@w3.org> wrote:
> 
> On Monday 19 January 2015 10:35:53 David Singer wrote:
>>> It is yet another signal. Ok, it is not DNT, but it follows the same
>>> paradigm. I understand the branding issue, so let's call it BND (Be Nice
>>> Don’tprofile)
> 
> This was a joke as BND is the acronym of the German secret service... 
> 
>> But that’s not what it is.  It is NOT asking “don’t profile” it’s asking
>> “segregate records”.
> 
> This is much better done on the client side.

I fail to see how I can segregate Google’s history of me, solely on the client side.

Private Browsing DOES this on on the client side;  I am exploring conveying this to the servers as an addition.

>>> 
>> OK, I don’t mind a general statement of “we support this feature”, and you
>> can make this machine-readable if you think it’ll result in any action by
>> the UA.  I rather suspect that having it human-readable is enough, that’s
>> all.
> 
> If only the UA would remember where somebody said he would follow and didn't 
> and we could use the feedback as evidence.

sure, that’s part of the DNT well-known resource motivation.

> Secondly, you have to define what "segregation" means. If it just means that 
> my website is less stupid so that your wife won't find out about the gifts you 
> ordered online, than this is rather intelligent web design than a new feature. 
> All you need is stateful interaction. 

well, I roughly agree.  Not sure what you mean by the last, but in general, they promise that your activity in one persona will not affect what is visible in another, except that they may initialize named persona from the anonymous one.

>>> Because, without feedback, you're in non-binding hand waving.
>> 
>> There is a difference between saying that, for users to know that a server
>> supports the feature, they need to say so somehow, and in requiring that
>> that statement of support be machine-readable.
> 
> In times when ugly cookie - banners trump smart technology like DNT, you'll 
> have to offer an added value (legal certainty) in order to get anything. And I 
> also think that hardcoding the personae into the one use case is too little. 

I am not sure a nice ask, that’s not about tracking/secrecy but about being nice in linking data, needs legal backing.

> 
>>> At this level
>>> and point, a cookie would do. And if you're concerned about the cookie
>>> being ephemeral, use a super-cookie. It is the feedback message, that
>>> changes the nature of protocol and message value, legally…
>> 
>> Cookies are useless here; cookies are specific to a domain, and this request
>> is quite general.  One would need infinite numbers of cookies.
> 
> Why? We already have an infinite number of cookies (have you looked? :) 

Because I am asking every server I visit, whether or not visited before. Cookies are set by the servers, and have a syntax that is specific to each server.

David Singer
Manager, Software Standards, Apple Inc.
Received on Monday, 19 January 2015 21:02:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 19 January 2015 21:02:05 UTC