On CommentURSs ....

On Tue, 25 Mar 1997, Koen Holtman wrote:

> The same goes for the CommentURL proposal that had been floating around in
> another thread.  I don't think servers need hard-to-implement protocol
> extensions if they want to tell their users about their privacy policy.  Why
> not just put a link to your privacy policy on your company home page?

Because there is no obvious way for a user to obtain the information when
they are facing a prompt which asks if they want to accept a cookie.
The additional problem is that you force users to figure out what the
company home page is associated with a cookie and then to hunt around thru
the company pages to the cookie policy page. I don't see this as placing
any burden on servers.

It does place a burden on the UA but it also provides the UA with a crisp
clean way to provide the user with documentation on the purpose of a
particular cookie.

If we feel that privacy is important enough vis a vis cookies to impose 
restrictions on cookie sharing, then we need to include a clean mechanism
by which the user can make an informed decision.

Dave Morris

Received on Tuesday, 25 March 1997 14:03:00 UTC