Re: ad-blocker detection scripts from Joseph Lorenzo Hall on 2016-04-29 (public-privacy@w3.org from April to June 2016)

From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Fri, 29 Apr 2016 09:25:34 -0400
To: Christine Runnegar <runnegar@isoc.org>
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <CABtrr-W1uSna8Qe=eZ=kAkDmC859rk5oLdzvH21g2wLCqWZe+Q@mail.gmail.com>

So, is this essentially arguing that the EU will require affirmative,
opt-in consent for running any dynamic content? That doesn't seem wise.

It strike me that not all ad-blocker detection need to be done via
scripting. E.g., the traditional web-beacon model of crafting the page with
a personalized image URL and detecting if that asset was loaded could be a
method to detect blocking of certain domains without accessing any
persistent state in the UA.

Although maybe I'm misunderstanding this? best, Joe

On Fri, Apr 29, 2016 at 9:08 AM, Christine Runnegar <runnegar@isoc.org>
wrote:

> Hello all.
>
> In the context of our draft Group Note on Fingerprinting Guidance for Web
> Specification Authors [1] and general Web privacy mandate, it might be
> worthwhile to discuss the specific issue of sites running scripts to detect
> the presence of ad-blockers/tracking blockers. This issue was recently
> highlighted in a tweet from Alexander Hanff and picked up by various media
> sources, including this article in the Register:
>
>
> http://www.theregister.co.uk/2016/04/23/anti_ad_blockers_face_legal_challenges/
>
> Christine
>
> [1] https://www.w3.org/TR/fingerprinting-guidance/
>

-- 
Joseph Lorenzo Hall
Chief Technologist, Center for Democracy & Technology [https://www.cdt.org]
1401 K ST NW STE 200, Washington DC 20005-3497
e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

Received on Friday, 29 April 2016 13:26:26 UTC