W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

Re: [ISSUE-81, ACTION-13] Response Header Format

From: David Singer <singer@apple.com>
Date: Thu, 20 Oct 2011 11:17:48 -0700
Cc: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-id: <C65A91A4-A9F2-477F-9052-F1672F1D2D2D@apple.com>
To: Bjoern Hoehrmann <derhoermi@gmx.net>

On Oct 19, 2011, at 19:18 , Bjoern Hoehrmann wrote:

> * David Singer wrote:
>> I am not a fan of sending of a "please don't track me" into the void and
>> having no idea which sites, if any, are at the moment tracking me.
> 
> At the moment it is common to not conduct even the most trivial audits
> like "does logging out remove the userid cookie", "does disabling geo
> location tracking turn off geo location tracking", or "does the phone
> purge data after a week as it should, or does it keep it for years". I
> see no reason to assume a "do not track" response would give you any
> idea on what's going on if we cannot expect the largest data mining
> firms on the planet to discover such obvious problems on their own. It
> also seems clear that normal users would have to rely on third party
> analysis to get an actual idea of what's going on (what is this site,
> what does it do, should I block it, and so on). If you go and find out
> about that, you can also take a look at whether their privacy policy
> claims they honour the do not track signal.

I think you are allowing your pessimism to run too far. Strictly, logging out means I can't do anything I'd need to log in to do; it doesn't strictly mean 'forget me'.  But if a site responds "I am not tracking you in this transaction" and it later transpires that it was, that's pretty useful.

> I note that would be possible to require sending a Link header linking
> the "human-readable" privacy policy and require the policy document to
> indicate do not track compliance using meta data.

I don't have any problem with standardizing a location for a privacy policy (human-, machine-, or un- readable :-(), but I think it's out of scope of this activity.

David Singer
Multimedia and Software Standards, Apple Inc.
Received on Thursday, 20 October 2011 18:25:37 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:22 UTC