Hi David, On 6/19/2012 7:46 PM, David Singer wrote: > Indeed, we had a compromise here: > > * there may be some User Agents that are specifically made and > marketed as being privacy-enhancing, and they could indeed have a > default (and maybe they use Tor, reduce fingerprinting, and so on) > * there may be some Sites that are specifically for the purpose of > tracking ('TrackMyReading.com') where signing up for the site implies > out-of-band permission to track. > > General-purpose UAs cannot claim to be the first; and general-purpose > sites cannot claim to be the second. They both need to take extra > steps (to allow the user to turn on DNT, or to ask the user for an > exception). > > This is a balance, and a compromise; if we discard one, we should > discard the other. The text currently in the TPE I believe respects > both. We should probably critique what is actually written... What restrictions does the current spec place on out of band consent? I thought it was largely left to server discretion, so the server might accept notice buried in its linked TOU coupled with minimal interaction as out-of-band permission regardless of whether 'site.com' is self-evidently a tracking site or not. I personally do not have a problem with implying consent in cases where tracking is self-evident from the nature of the service. Best regards, TamirReceived on Thursday, 21 June 2012 03:34:40 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 21 June 2012 03:34:47 GMT