W3C home > Mailing lists > Public > public-tracking@w3.org > December 2012

Re: Sitecom adds Do Not Track to its routers

From: Craig Spiezle <craigs@otalliance.org>
Date: Fri, 30 Nov 2012 22:18:12 -0500
Message-Id: <4AB73E73-ECE1-4E20-9E03-345A701C5351@otalliance.org>
Cc: Shane Wiley <wileys@yahoo-inc.com>, Brendan Riordan-Butterworth <Brendan@iab.net>, JC Cannon <jccannon@microsoft.com>, W3C DNT Working Group Mailing List <public-tracking@w3.org>
To: "SULLIVAN, BRYAN L" <bs3131@att.com>
This is within the context that I was seeking clarification, it could be a router or other device, a sw solution or a standardized desktop configuration set by an admin / employer.  

The challenge and concern is we are seeing more interest in the enterprises for such solutions not only for the privacy of their employees but for the data that might be collected and aggregated/profiled on their company.

Ii fail to understand the idea of not honoring such signals coming from a business who explicitly chooses to enable DNT for all employees.  

What am I missing?  

Sent from my phone

On Nov 30, 2012, at 8:30 PM, "SULLIVAN, BRYAN L" <bs3131@att.com> wrote:

> Apologies if this is implicitly/explicitly out of scope of the compliance context, but just confirming: you are talking about a router installed in a public network context, right? In an enterprise or home (private network) context, the configuration of this function via a router would be a decision of the administrator of that private network. That may involve any manner of explicit or implicit notice to users (or none at all…) that this is the policy in that context, which is within the right of the network owner.
>  
> Thanks,
> Bryan Sullivan
>  
> From: Shane Wiley [mailto:wileys@yahoo-inc.com] 
> Sent: Friday, November 30, 2012 3:06 PM
> To: Craig Spiezle; Brendan Riordan-Butterworth
> Cc: JC Cannon; W3C DNT Working Group Mailing List
> Subject: RE: Sitecom adds Do Not Track to its routers
>  
> Craig,
>  
> This is one systems administrator activating DNT for all users who receive traffic through that router – which could be a considerable number of individual, independent users who are not making this choice for themselves.  As such, this would be a violation of the draft standard as currently worded.
>  
> - Shane
>  
> From: Craig Spiezle [mailto:craigs@otalliance.org] 
> Sent: Friday, November 30, 2012 3:57 PM
> To: Brendan Riordan-Butterworth
> Cc: JC Cannon; W3C DNT Working Group Mailing List
> Subject: Re: Sitecom adds Do Not Track to its routers
>  
> As JC and i also confirmed this is an opt in device are you suggesting it would be non-compliant?  
>  
> As more sw and hw solutions come to market specially designed to block ads, enhance privacy or third party calls I believe the intent of the user will be met through the user's purchase. That said I would hope there is a user string detectable so the site can detect such usage and determine what content / services are made available 
>  
> 
> Sent from my phone
> 
> On Nov 30, 2012, at 5:13 PM, Brendan Riordan-Butterworth <Brendan@iab.net> wrote:
> 
> http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#dnt-header-field
>  
> “An HTTP intermediary must not add, delete, or modify the DNT header field in requests forwarded through that intermediary unless that intermediary has been specifically installed or configured to do so by the user making the requests. For example, an Internet Service Provider must not inject DNT: 1 on behalf of all of their users who have not expressed a preference.”
>  
> If the router has a single point to configure the DNT header field for all outbound traffic, and the LAN it is in front of has more than one user making HTTP requests, then the Sitecom functionality is not compliant with the requirements on intermediaries as defined in section 4.2 of the TPE document. 
>  
> /brendan.
>  
> From: JC Cannon [mailto:jccannon@microsoft.com] 
> Sent: Thursday, November 29, 2012 1:14 PM
> To: W3C DNT Working Group Mailing List
> Subject: Sitecom adds Do Not Track to its routers
>  
> “The Do Not Track functionality is disabled by default, and requires the user to visit the router's configuration page to enable it. Sitecom has confirmed  that, in addition to launching the software on third-generation X-Series routers, it will bring the Do Not Track option to existing devices with Sitecom Cloud Security through a free firmware update.”
>  
> http://www.bit-tech.net/news/hardware/2012/11/29/sitecom-do-not-track/1
>  
> JC
Received on Saturday, 1 December 2012 03:18:05 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:38 UTC