W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: Evolving Online Privacy - Advancing User Choice

From: Peter Cranstone <peter.cranstone@gmail.com>
Date: Wed, 20 Jun 2012 11:33:57 -0600
To: Justin Brookman <justin@cdt.org>, <public-tracking@w3.org>
Message-ID: <CC07640D.3D88%peter.cranstone@gmail.com>
>> "A third party must obtain explicit, informed consent to obtain a
user-granted exception to track despite the DNT:1 header"?

How does the 3rd party know whether or not the UA was invalid?

Which sets up the loopŠ
* Client sends DNT:1
* Server decides that DNT:1 is invalid
* Server MAY respond
> * Which now hoses the 3rd party
Because you will now need to add:
* Server decides DNT is invalid
* Server MUST send a message to the 3rd party saying "Track away"
User sees his privacy is being abused and sues the content provider. He says
he sent a DNT flag ­ server guy says "I saw it but I ignored it". Client
says ­ WTH, why didn't you give me a Choice on what do next. Sever responds
­ because I was not required to.

Client says ­ bye.


Peter
___________________________________
Peter J. Cranstone
720.663.1752


From:  Justin Brookman <justin@cdt.org>
Date:  Wednesday, June 20, 2012 11:23 AM
To:  W3 Tracking <public-tracking@w3.org>
Subject:  Re: Evolving Online Privacy - Advancing User Choice
Resent-From:  W3 Tracking <public-tracking@w3.org>
Resent-Date:  Wed, 20 Jun 2012 17:24:18 +0000

>     
>  Thank you for this helpful clarification.
>  
>  The requirements for consent to turn DNT on is: "  A User Agent must obtain
> explicit, informed consent to turn on the DNT header       " Can I assume that
> your proposal would require the same formulation for the granting of a
> user-granted exception: "A third party must obtain explicit, informed consent
> to obtain a user-granted exception to track despite the DNT:1 header"?
>  
> Justin Brookman
> Director, Consumer Privacy
> Center for Democracy & Technology
> 1634 I Street NW, Suite 1100
> Washington, DC 20006
> tel 202.407.8812
> fax 202.637.0969
> justin@cdt.orghttp://www.cdt.org
> @CenDemTech
> @JustinBrookman
>  
>  On 6/20/2012 12:57 PM, Shane Wiley wrote:
>>     
>>  
>> 
>> One editorial mistake discovered (there will probably be others).  In the
>> ³Explicit and Separate User Choice² section, 4c should read:
>>  
>>  
>>  
>> ³Servers that respond to all DNT requests as non-compliant regardless of User
>> Agent details ARE NOT compliant with this recommendation.²
>>  
>>  
>>  
>> - Shane
>>  
>>  
>>  
>>  
>>  
>> 
>> From: Shane Wiley
>>  Sent: Wednesday, June 20, 2012 12:03 AM
>>  To: public-tracking@w3.org
>>  Subject: Evolving Online Privacy - Advancing User Choice
>>  
>>  
>>  
>>  
>>  
>> TPWG,
>>  
>>  
>>  
>> Please find attached the detailed proposal text we¹ll be reviewing tomorrow
>> afternoon (built upon the proposal outline I provided last week).
>>  
>>  
>>  
>> The following individuals, companies, and trade associations contributed to
>> this proposal:  
>>  
>>  
>>  
>> Marc Groman & David Wainberg ­ NAI
>>  
>> Alan Chapell ­ Chapell & Associates
>>  
>> Heather West, Sean Harvey, & Ian Fette ­ Google
>>  
>> Shane Wiley ­ Yahoo!
>>  
>>  
>>  
>> There is considerable detail covering numerous topics in this proposal and
>> therefore it should not be consider an endorsement by all contributors to all
>> parts of this proposal.  That said, all contributors generally agree with the
>> direction and approach of this document.
>>  
>>  
>>  
>> We look forward to further discussion and fielding questions tomorrow
>> afternoon.
>>  
>> 
>>  Thank you,
>>  Shane
>>  
>>  
>  
Received on Wednesday, 20 June 2012 17:34:38 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:31 UTC