W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: Examples of successful opt-in implementations

From: Rob van Eijk <rob@blaeu.com>
Date: Thu, 14 Jun 2012 18:49:35 +0200
Message-ID: <4FDA161F.5080208@blaeu.com>
To: public-tracking@w3.org
I would like to share a thought with you. I am expressing my personal 
views here. It is a thought that I had on my way back from the OBA 
roundtable today in Brussels. DNT has the potential to solve many 
uncertainties, but only if all parties involved are demonstrating the 
willingness to think out of the box.

Let me explain why. DNT offers essential technical building blocks that 
may very well deal with e-priv directive and directive 94/95/EC 
compliance. That is in my view the added value of DNT in comparison to 
the current opt-out cookie system (eg. YourOnlineChoices). There is a 
small window of opportunity in recital 66 of directive 2009/136/EC. The 
essential building blocks are the response header and the exception 
mechanism. Rigo has been repeating this over and over. I am not arguing 
that DNT should include EU compliance in the compliance document. I am 
also not arguing that first parties must be subject to DNT. I am just 
showing the added value of DNT, that could save us from a 'world of 
pain', as Aleecia would call it.

A user preference expression and acknowledgement from the server go hand 
in hand. In order to have a granular dialog with the user under the hood 
of the browser, exceptions play a vital role. DNT to me is about 
engaging the dialog between users and parties.

Mind-model: if a first party want to use non-functional cookies, or if 
he want to use functional cookies beyond their normal purpose, then the 
1st party is still free to use the DNT exception mechanism or the 
well-known URL. Inform the user about the purpose of what you are saving 
and/or reading from the device and ask for an exception. If the answer 
is no, then think again about the value proposition you had in mind.

Somehow the industry in the EU does, in my humble opinion, not see this 
opportunity of creating useful technical building blocks. We have an 
important task at hand, which is not just about the continues 
improvement of the transparency/control of the opt-out system. Therefor 
I call upon this group to think about making the technical building 
blocks as useful as possible, not just for 3rd parties operating in a 
1st party context.

mvg::Rob

On 14-6-2012 1:21, Rigo Wenning wrote:
> On Wednesday 13 June 2012 14:30:36 Jonathan Mayer wrote:
>> At any rate, I'm unsure where this line of inquiry is
>> going.  We've already agreed that Do Not Track is directed
>> towards third parties, not first parties.
> For consent purposes, first parties are not obliged by DNT, but can
> benefit from DNT. So this is not at all a futile exercise
>
> Rigo
>
>
Received on Thursday, 14 June 2012 16:50:13 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:30 UTC