W3C home > Mailing lists > Public > public-tracking@w3.org > January 2014

Re: Issue 153 - Approaching CfO

From: Brad Kulick <kulick@yahoo-inc.com>
Date: Wed, 15 Jan 2014 16:21:59 +0000
To: David Singer <singer@apple.com>, Ninja Marnau <ninja@w3.org>, "Justin Brookman" <jbrookman@cdt.org>
CC: Tracking Protection Working Group <public-tracking@w3.org>, "SULLIVAN, BRYAN L" <bs3131@att.com>
Message-ID: <944D38AB-56C9-4805-80BA-18976ADF35A6@yahoo-inc.com>
Justin, David, Ninja,

I am okay with the combination of our proposals in the CFO [1] to use David's language with one minor change -- replacing "that the rules are followed" with "compliance", making the final proposal:

"A user-agent that permits an extension or plug-in to configure or inject a DNT header is jointly responsible, with the plug-in or extension, for ensuring compliance."

Thanks,

Brad

ref:
[1] http://www.w3.org/wiki/Privacy/TPWG/Proposals_on_limitations_for_add-ons

On Jan 8, 2014, at 5:29 PM, David Singer wrote:

Note that there is the text I exchanged today that is pending feedback from Brad, as well.


On Jan 8, 2014, at 7:27 , Ninja Marnau <ninja@w3.org<mailto:ninja@w3.org>> wrote:

Thank you all for the participation in this discussion on add-ons. Please be aware that the co-chairs would like to start a Call for Objections on the text proposals soon after the WG call today. Please take a look at the wiki page http://www.w3.org/wiki/Privacy/TPWG/Proposals_on_limitations_for_add-ons to see whether your proposed text is listed there (or maybe suggest a last minute merging of text).

Bryan, I updated the wiki with your two proposals from December 18 http://www.w3.org/wiki/Privacy/TPWG/Proposals_on_limitations_for_add-ons
Would you please take a look to see whether I successfully captured them?

Ninja

Am 18.12.13 01:34, schrieb Nicholas Doty:
Hi Brad,

Thanks for this update. I think the clarity is useful, as this brings the proposal more in line with the scope of this issue (which is noted as being explicitly not about plug-ins or parts of the user agent, but about other software).

I've updated the wiki with the full two paragraphs in the existing text and your change proposal.
  http://www.w3.org/wiki/Privacy/TPWG/Proposals_on_limitations_for_add-ons

You're right that there's an interaction between the last sentence of the default tracking preference paragraph (currently, "Likewise, a user agent extension or add-on MUST NOT ... unless the act of installing ....") and the following paragraph (currently, "A user agent extension or add-on MUST NOT alter the user's tracking preference setting unless it complies..."). I think perhaps these are actually currently redundant, and just an artifact of adding the issue-153 text to already agreed upon text regarding extensions.

Alan Chapell wrote that second paragraph in June, integrated into the editors' draft by David Singer: https://www.w3.org/2011/tracking-protection/track/actions/423.

I hope that background helps. That gives me a few questions:

1) If we delete the "Likewise" sentence and leave the following paragraph, does that work for everyone? (I think that would be a mostly editorial change, and an improvement for the most part.)

2) Brad, if your concern is about software outside the user agent (the second paragraph, which I believe is the intended scope of issue-153), could we modify your proposal to just change the last sentence of the second paragraph ("Software outside of the user agent that causes a DNT header to be sent...")?

3) Brad, could we modify your proposal to rely on functional requirements (the current text relies on meeting the consent requirements, but maybe you had something else in mind) rather than prohibiting certain classes of software from sending/modifying a signal?

For the reasons I've expressed before, I don't think forbidding modifying/sending a DNT header for certain types of software will help any of our use cases, but expressing functional requirements will be more productive for our group.

Thanks,
Nick

On December 12, 2013, at 4:18 AM, Brad Kulick <kulick@yahoo-inc.com<mailto:kulick@yahoo-inc.com>> wrote:

Nick,

To make this proposal more clear, I have updated it. Along with clarifying the what to remove/alter I have added some non-normative text might be helpful per yesterday's discussion.

Thanks,

Brad

Existing text
----------------------------------------------------------------------------------------
A user agent must have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the decision to use that agent. For example, use of a general-purpose browser would not imply a tracking preference when invoked normally as "SuperFred", but might imply a preference if invoked as "SuperDoNotTrack" or "UltraPrivacyFred". A user agent extension or add-on must not alter the tracking preference unless the act of installing and enabling that extension or add-on is an explicit choice by the user for that tracking preference.

A user agent extension or add-on must not alter the user's tracking preference setting unless it complies with the requirements in this document, including but not limited to this section (Determining a User Preference). Software outside of the user agent that causes a DNT header to be sent (or causes existing headers to be modified) must not do so without ensuring that the requirements of this section are met; such software also must ensure the transmitted preference reflects the individual user's preference.
----------------------------------------------------------------------------------------


New text
----------------------------------------------------------------------------------------
A user agent must have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the decision to use that agent. For example, use of a general-purpose browser would not imply a tracking preference when invoked normally as "SuperFred", but might imply a preference if invoked as "SuperDoNotTrack" or "UltraPrivacyFred".

A user agent extension, add-on, or software outside of the user agent must not alter the tracking preference.

Non-normative:
User agent plug-ins and add-ons as well as software outside of a user agent are under continued review for future addition, whereby recognized limitations affecting a balanced implementation can be addressed.
----------------------------------------------------------------------------------------



On Dec 11, 2013, at 6:51 AM, "Brad Kulick" <kulick@yahoo-inc.com<mailto:kulick@yahoo-inc.com>> wrote:

Nick,

You are correct. Removing "Likewise" would be suffice. But Given the paragraph that following we would want to add intermediaries as well. Therefore, it would be:

"A user agent extension, add-on, or software outside of the user agent must not alter the tracking preference."

Also, the paragraph following it would need to be altered to remove or sync with the above.

Thanks,

Brad


On Dec 8, 2013, at 11:43 PM, Nicholas Doty wrote:

I've set up a wiki with what I believe are the two proposals (the existing text which was the basis for sometime and for the batch closing period; and Brad's alternative to remove the "unless" clause).

http://www.w3.org/wiki/Privacy/TPWG/Proposals_on_limitations_for_add-ons

Brad, we might want to clarify the wording of your suggestion: the sentence begins with "Likewise", but I believe you're proposing a different result (prohibition, rather than explicit choice) for user agent extensions / add-ons.

Thanks,
Nick

On December 4, 2013, at 12:48 PM, Brad Kulick <kulick@yahoo-inc.com<mailto:kulick@yahoo-inc.com>> wrote:

Matthias,

Respectfully, I would like to maintain my objection for closing Issue-153 and allow it to proceed to CFO. Given the lower than normal participation for today's call, I would appreciate allowing for process to complete to ensure any other similar viewpoints are represented.

Thanks,

Brad


David Singer
Multimedia and Software Standards, Apple Inc.
Received on Wednesday, 15 January 2014 16:23:47 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:21 UTC