browser sniffing, user's rights, web commerce, ACSS reference

In the context of "browser sniffing" I mentioned my "User's Bill
of Rights" discussion prepared as part of my personal
contributions to the WAI-WG review of ACSS.  This is not a
consensus result of any WAI group.  It is just the best writeup
of the concept that I can find quickly.  As regards browser
sniffing, what it says is:

  Non-discrimination in HTTP service

   HTTP servers shall not decline to serve a document to a client because
   of the display and control capabilities of the client. HTTP servers
   shall not make decisions how to deliver service based on client type
   other than standard display and control capabilities explicitly
   communicated from the client.

The full note can be found at:

 Status of ACSS action item on 02 July 1997

 http://www.access.digex.net/%7Easgilman/web-access/ACSS/status1.html

This is an area where there is friction between two good things.
One is creative innovation in the art of the business deal and
the other is the function of W3C formats and protocols to
preserve the openness of the Web environment.

Keying off the User-Agent header in HTTP, what I am calling
"browser sniffing" is common.  It is quick and convenient.  
It short-circuits user steering of their browse
process.  This can either be a convenience, if it is done
well, or an orientation and navigation disaster, if the access
mode of the user falls outside the horizon of what the site
builder thought about.  [Same old story.]

For Web commerce, one important factor is that it is totally
insecure.  Even if it were legally established in lawsuits that
using "Mozilla" in your User-agent string was subject to business
licensing from Netscape, the fact that Netscape could sue you is
not sufficient security policy to protect your link to a Bank.
If they really care about the security of the Web discourse that
accesses their accounts, they need a more trustworthy test of the
dialog than simple browser sniffing.

This affects accessibility by the disabled when we bring it down
to the specific case of access to Web banking using Lynx.  If
banks require some short list of browsers that does not include
Lynx, then the set of people they are shutting out contains a
markedly higher proportion of blind individuals than the people
that they are not shutting out.  This has in some parallel
situations in the past been sufficient evidence to rule the
practice illegally discriminatory.  But in the Law, a precendent
is in the eye of the case builder.  It is just a theory you can
claim and try to defend before a jury.  It's not a matter of
deductive theorem proving.  I am not trying to build a jury-proof
case here; just establish a reasonable doubt that reading the
User-Agent header is the most WAI-friendly way to confirm that
you have some privacy for the business dialog that you want to
conduct.

I would like the WAI-UA group to consider formulating a User's
Bill of Rights for the Web.  In the spirit of Universal Design,
it may only be the disabled who care enough to invent this, but
it will be to the advantage of all: users and site maintainers
and vendors alike.

I believe that on looking at what the user's rights should be,
that browser sniffing will be, if not deprecated, subjected to
guidelines that ensure that the user can disable or in other ways
override it.  And that bonafide requirements such as auditing the
privacy of business conversations will be implemented by bonafide
audit methods accessible by all, not by business alliances.

Al Gilman

Received on Tuesday, 24 March 1998 12:38:27 UTC