W3C home > Mailing lists > Public > public-tracking@w3.org > April 2012

RE: An alternative to site-specific user granted exceptions (Issue-111)

From: Kevin Smith <kevsmith@adobe.com>
Date: Fri, 20 Apr 2012 09:03:07 -0700
To: "TOUBIANA, VINCENT (VINCENT)" <Vincent.Toubiana@alcatel-lucent.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <6E120BECD1FFF142BC26B61F4D994CF307D0A01847@nambx07.corp.adobe.com>
I like this suggestion.  I have expressed many times that I believe passing in 3rd parties into the specific javascript calls will only work in the very simplest of cases.  I think this will extend the usefulness of the JS API because it is much more scalable to manage your list of 3rd parties in a single location than on a per page per JS request basis.  In practice, if I were forced to use the JS API as is, I would probably mimic this behavior using centralized global JS variables to represent the 3rd party groups.  However, this approach would be much cleaner.

However, I do not understand how it solves the ad chain problem.  If the 1st party does not know who is in the ad chain, and the ad chain is dynamic, then it cannot put the 3rd parties in this doc any more easily than it could put them directly in the JS call.

-----Original Message-----
From: TOUBIANA, VINCENT (VINCENT) [mailto:Vincent.Toubiana@alcatel-lucent.com] 
Sent: Tuesday, April 17, 2012 12:04 PM
To: public-tracking@w3.org
Subject: An alternative to site-specific user granted exceptions (Issue-111)


I suggest an alternative to site-specific exceptions (Issue-111). Instead of providing the list of 3rd parties through the JavaScript API, this list could be provided through Tracking Status Representation (available through the well-known URI).
There is already a field to send that list to the UA (See section 5.1.2 in TPE document) but it is currently optional. If we replace the MAY by a MUST, then users could get the list of third parties present on a site before they visit it and then decide if they are ready to grant a site-wide exception. 

Pros:
-	User grant exceptions knowing which third parties could track them
-	This does not broke the chain in ad-exchanges
-	Publisher do not have to ask new user granted exceptions when they add third parties
Cons:
-	Users have to check the well known URI more often
-	Users can not provide feedback about the third parties present on a website (a non granted exception is - in my opinion-- an explicit feedback).

I still prefer the site-specific exception mechanism as it gives users more choices, but I believe this solution could be seen as a middle ground.

Vincent
Received on Friday, 20 April 2012 16:04:13 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:27 UTC