W3C home > Mailing lists > Public > public-tracking@w3.org > November 2011

RE: Action 32 -- Proposed language for site-specific exception

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Wed, 9 Nov 2011 08:14:16 -0800
To: John Simpson <john@consumerwatchdog.org>, "Aleecia M. McDonald" <aleecia@aleecia.com>, Nicholas Doty <npdoty@w3.org>
CC: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D03958C40@SP2-EX07VS02.ds.corp.yahoo.com>
Thank you John – helpful starting point.  I’d suggest we not assert only a cookie as the “exception” memory mechanism but a recommended one.  It could be equally viable and appropriate to store this information in a registration key, a browser setting, or some other technical mechanism.

- Shane

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Wednesday, November 09, 2011 8:00 AM
To: Aleecia M. McDonald; Nicholas Doty
Cc: public-tracking@w3.org Group WG
Subject: Action 32 -- Proposed language for site-specific exception

Proposed language for a site-specific exception using a cookie:

When a DNT enabled user agent grants a site-specific exception, the site places a site-specific opt-in cookie on the user agent allowing the site to respond as a First Party.  The DNT header must remain enabled so that if the user returns to the site, both the user's general preference for DNT and the site-specific exception will be clear.  This could enable the site to provide a higher level of privacy than if DNT were not enabled, but less than if the exception had not been granted. Opt-in site-specific exception cookies should expire within three months, enabling the site to determine periodically whether the user intends to continue to grant an exception.

John M. Simpson
Consumer Advocate
Consumer Watchdog
Tel: 310-392-7041

Received on Wednesday, 9 November 2011 16:15:21 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:59 UTC