W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance]

From: Tamir Israel <tisrael@cippic.ca>
Date: Mon, 04 Jun 2012 18:34:14 -0400
Message-ID: <4FCD37E6.7000509@cippic.ca>
To: "Roy T. Fielding" <fielding@gbiv.com>
CC: "public-tracking@w3.org protection wg" <public-tracking@w3.org>
Thanks kindly for this.

On 6/4/2012 4:43 PM, Roy T. Fielding wrote:
> Please understand that a server would not be required to ignore
> an invalid DNT field -- they just have the right to because the
> protocol exchange is invalid.  Furthermore, the result of ignoring
> the invalid field is to fall back to the current state of
> "no preference" being expressed.  Hence, there would be no impact
> on Canadian or EU laws, nor would it change a server's obligation
> to comply with those laws in the absence of DNT.
> ....Roy

I really do not wish to interfere with agreements of the working group 
that have already been made, and I appreciate the merits of the 'no 
default under any circumstances' compromise described here.

I'm just trying to understand: A server indicating they respect and have 
enabled the DNT spec (to Canadian or other users) would have the right 
to ignore DNT-1 if deemed to have been set by UA default. I see this 
having different impact between Canada and the EU as 'unset' triggers a 
different response in each. In EU law, it requires a positive election 
prior to tracking by servers. whereas Canadian law does not currently 
appear to require any positive election as a pre-requisite. If this is 
how it is, it seems a recipe for potential confusion, as CDN users 
seeing DNT set to 1 in their browser settings will believe they are are 
DNT-1 enabled though they are not.

(others have raised more general concerns for dealing with 
privacy-friendly UAs, such as: how would a server determine which UA's 
should be specified as 'rogue' due to a DNT-1 default election; how 
would a server distinguish between DNT-1 by UA default & DNT-1 by user 
election on a 'rogue' UA; how will it be explained to users they must to 
disregard the DNT-1 by UA default setting on specific UAs, etc.).

Best regards,
Received on Monday, 4 June 2012 22:34:47 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:50 UTC