RE: Exemptions and Exceptions.? from TOUBIANA, VINCENT (VINCENT) on 2012-01-30 (public-tracking@w3.org from January 2012)

From: TOUBIANA, VINCENT (VINCENT) <Vincent.Toubiana@alcatel-lucent.com>
Date: Mon, 30 Jan 2012 17:46:30 +0100
To: David Singer <singer@apple.com>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-ID: <4D30AC7C2C82C64580A0E798A171B44448894350A8@FRMRSSXCHMBSD1.dc-m.alcatel-lucent.c>

In my understanding, exemptions are authorized uses of the data that a website collected when receiving DNT:1. This is a limited set of uses, which currently include Frequency Capping, Financial Logging, 3rd party auditing, Security (this list is still discussed: http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#TypesofTrackingExemptions).

These exemptions apply to all websites compliant with DNT.

An exception is granted by a user to a website (or a domain) and allows the website to track the user. There are two types of exceptions:

- user-agent managed exceptions. The UA sends DNT:0 to a website which is granted an exception, receiving DNT:0 the website can track him.

- sever managed exceptions. The server receives DNT:1 but thinks that it has been granted an exception (e.g. it recognizes the cookie). In that case, the server should return the response header "third-part-opt" (=p).


I hope that it'll help.

Vincent Toubiana
 
-----Message d'origine-----
De : David Singer [mailto:singer@apple.com] 
Envoyé : lundi 30 janvier 2012 16:19
À : public-tracking@w3.org (public-tracking@w3.org)
Objet : Exemptions and Exceptions.?

This was raised briefly in conversation in Brussels.

Our documents and discussions use both words (Exemptions and Exceptions).  I think Aleecia has a clear idea of their difference, but I know we don't all share that clarity because I, at least, do not :-).

In my understanding, 'exemption' says that the requirements of our specification do not apply to some class of services .  An exception would be when the specification applies, but some class of services are excepted from some of the requirements.

Example from taxation:  some goods in the UK are exempt from Value Added Tax; the tax is inapplicable.  Some goods are zero-rated for Value Added Tax: they are subject to it in theory, but have an exception and are currently untaxed.


I'm not sure we have many 'exempt' classes (services that, receiving a DNT signal, can ignore it, as it doesn't apply to them).  I think we mostly have exceptions.


Aleecia, others, could you help clear my mind (and maybe others') on this?

Thanks!


 
David Singer
Multimedia and Software Standards, Apple Inc.

Received on Monday, 30 January 2012 16:47:03 UTC