W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: ACTION-211 Draft text on how user agents must obtain consent to turn on a DNT signal

From: Peter Cranstone <peter.cranstone@gmail.com>
Date: Thu, 14 Jun 2012 07:58:35 -0600
To: Tamir Israel <tisrael@cippic.ca>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>
CC: Rigo Wenning <rigo@w3.org>, Kevin Smith <kevsmith@adobe.com>, "public-tracking@w3.org" <public-tracking@w3.org>, Shane Wiley <wileys@yahoo-inc.com>, Justin Brookman <justin@cdt.org>
Message-ID: <CBFF486E.33F6%peter.cranstone@gmail.com>
I've seen Microsofts implementation. I downloaded the free version of
Windows 8, installed it and then ran I.E. 10 - the default is turned on.
The real problem I found was where to disable it? It was hidden (in plain
sight) in the advanced tab. The bigger issue for me was that I had to
reboot the OS to get the setting to change.

Your logic below

MSIE: DNT-1 (set by default)
Server: Neg ACK (I have taken a look at MSIE's implementation of the
standard and I do not deem this DNT-1 to be a valid expression of user
choice).
MSIE: prompts the user (through an in-browser dashboard it has
developed): this server has failed to acknowledge your DNT-1. Please
select one of the following a.) I don't want to be tracked by this
server; b.) I do want to be tracked by this server; c.) I'm generally ok
with being tracked, please stop bothering me.
User: I pick 'a.) I don't want to be tracked by this server'
MSIE: DNT-1 (again)
Server: ????

Is correct. The problem you have is that each time a user changes his/her
settings you have to run through the whole logic again. Which means in
essence you have to track the user to know when they changed the setting
last.

The issue you do have in your logic is item C) I'm generally OK with being
tracked, please stop bothering me. I think it's redundant because the
tracking choice is binary (1,0). However this is where the Null value
comes in - so C could be c) I don't have a preference - but this then
introduces another point of confusion. It means one thing in Europe (do
not track) and another thing in the US (tracking allowed). So now you have
to determine the users location before setting a cookie to meet the
preference. 

Again - all easy to do (except on Mobile) but it requires more programming
logic on the server, which increases cost and the chance for bugs.



Peter
___________________________________
Peter J. Cranstone
720.663.1752








On 6/14/12 7:48 AM, "Tamir Israel" <tisrael@cippic.ca> wrote:

>Hi Brooks,
>
>On 6/14/2012 10:39 AM, Dobbs, Brooks wrote:
>>> trouble is that IE 10 is not non-compliant for all possible cases.
>>> >  There are tools that are non-compliant for all possible cases.
>> I am not sure I agree with that statement.  If IE10's compliance job is
>>to
>> communicate user preference in a manner that is discernable to a server,
>> when does it achieve this end?  As has been pointed out, IE makes it
>> impossible to discern between a DNT:1 that is or is not an expressed
>>user
>> preference.
>
>We have yet to see MSIE's implementation, so I do not understand how you
>can categorically state this. In the implementation below, MSIE is
>perfectly capable of clearly communicating user expression as defined by
>the spec:
>
>
>MSIE: DNT-1 (set by default)
>Server: Neg ACK (I have taken a look at MSIE's implementation of the
>standard and I do not deem this DNT-1 to be a valid expression of user
>choice).
>MSIE: prompts the user (through an in-browser dashboard it has
>developed): this server has failed to acknowledge your DNT-1. Please
>select one of the following a.) I don't want to be tracked by this
>server; b.) I do want to be tracked by this server; c.) I'm generally ok
>with being tracked, please stop bothering me.
>User: I pick 'a.) I don't want to be tracked by this server'
>MSIE: DNT-1 (again)
>Server: ????
>
>The server is basing its rejection of the first DNT-1 on its own
>research and the assessment that it did not result from 'user choice'. I
>don't think it can do so for the second DNT-1. Indeed, this second DNT-1
>is fully compliant as far as I can tell.
Received on Thursday, 14 June 2012 13:59:23 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:30 UTC