W3C home > Mailing lists > Public > public-tracking@w3.org > October 2012

Re: Modifying a DNT Header (ISSUE-153, ACTION-285)

From: Walter van Holst <walter.van.holst@xs4all.nl>
Date: Wed, 31 Oct 2012 16:08:37 +0200
To: <public-tracking@w3.org>
Message-ID: <43cb00a44cad35d2c5dcf5659f2f16dd@xs4all.nl>
On 2012-10-31 15:45, David Wainberg wrote:
> Hi Jonathan,
>
>  This does not do enough to ensure that a DNT signal reflects a users
> deliberate and informed choice. First, it should be a MUST. Second, 
> it
> should apply to any software responsible for modifying or including
> the DNT header. Back in August I proposed the following:
>
> "A UA that allows or enables other software to alter the DNT setting
> MUST ensure that such alteration reflects the user's intent."
>
>  That accomplishes what we want, doesn't it?

The consequence would be that all current extension mechanisms of 
popular UAs such as Firefox, Chrome and IE would fail to meet this 
criterium. The ultimate consequence would be a DRM-like measures plus a 
an audit that goes further than for examle iTunes App Store does to 
ensure this 'MUST' and even then this cannot be guaranteed. It is a 
burden UA producers cannot bear. It also goes far beyond what is a 
normal industry practice in similar situations, such as click-through 
license agreements. These are often bypassed in deployment mechanisms 
perused in corporate environments for the simple reason that the 
end-users consent in that context is superfluous given corporate policy.

If it is at all possible to prescribe UA behaviour this much I can 
imagine that Jonathan's text be altered into:

A UA MUST incorporate detection mechanisms for alteration of 
DNT-preferences by third-party software (including third-party 
UA-extensions and plugins) and MUST upon detection of such changes 
verify with the user that they reflect the user's intentions. The UA MAY 
provide the user with the option to ignore future changes in the 
DNT-preferences or to automatically change them back to a user-set 
preference.

This would be a bit like the common practice for browser vendors to 
detect whether their browser is the user's default browser and 
requesting user input on that subject. I think the above captures both 
you and Jonathan's concern.

Regards,

  Walter
Received on Wednesday, 31 October 2012 14:09:09 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:37 UTC