RE: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance] from Shane Wiley on 2012-06-05 (public-tracking@w3.org from June 2012)

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Tue, 5 Jun 2012 08:22:00 -0700
To: Justin Brookman <justin@cdt.org>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D18590220@SP2-EX07VS02.ds.corp.yahoo.com>

Justin,

At some point we need to draw line in the sand to call out bad actors as "bad".  We've agreed users should expressly activate DNT on their own (expect in cases where the act of installing a CLEARLY privacy protective product is their goal).  If bad actor UAs cross that line (i.e. IE10 :-) ), then Servers should have the flexibility to respond appropriately.  This will make the situation very transparent to users (response header/well known URI) and allow them to exercise choices the Server provides (list of supported UAs, for example).

Your belief that ALL Servers should honor the ALL DNT:1 header requests, while very simple, is the basis for a pure opt-in world which all sides had previously agreed is the not the appropriate outcome for the Internet.  Is the CDT taking a different stance on this topic?

Thank you,
Shane

-----Original Message-----
From: Justin Brookman [mailto:justin@cdt.org] 
Sent: Tuesday, June 05, 2012 8:09 AM
To: public-tracking@w3.org
Subject: Re: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance]


On 6/5/2012 11:53 AM, Dobbs, Brooks wrote:
> Hi Rigo,
>
> So a little follow-up:
>
>
>> Rob (Article 29 WP) suggested to have a selection screen at first
>> startup. After all the noise about the defaults, can we assume that
>> using a certain browser means sending DNT;1?
> No. We can't.  This is the same point I raised with Justin.  With no
> disrespect to the hard work this group does, DNT really just isn't top of
> mind share for Joe Consumer and is exceedingly unlikely to be the primary
> motivation for choosing a browser and/or reflect his/her personal preference
> on DNT.  Realistically would anyone ever choose browser A over 3 primary
> competitors because it had DNT by default where the others made me go
> through Preferences->Privacy->DNT?  Doesn't it generally take more than 3
> clicks to install/switch to a new browser?
Even if a user does not *choose* a browser because DNT is enabled by 
default, the user may well be *aware* that DNT is turned on by default.  
Or the user might go to turn on DNT and notice that it was already 
checked.  The ad network is never going to know what the user's 
knowledge and intent is in any case.  For this reason, I believe ad 
networks should respect the signal regardless.  Assuming that the group 
wants to ensure that users knowingly choose to transmit the DNT signal, 
wouldn't it make more sense to put the burden on the implementing 
browsers?  This would give the browsers an affirmative responsibility to 
conform to the specifications in the standard and would prevent a 
situation where all third parties are making subjective determinations 
about user intent and the legitimacy of any particular UI.

Received on Tuesday, 5 June 2012 15:23:07 UTC