W3C home > Mailing lists > Public > public-tracking-comments@w3.org > June 2014

Last Call comment: require public-facing statement of server response policy

From: Lee Tien <tien@eff.org>
Date: Tue, 17 Jun 2014 15:46:24 -0700
To: public-tracking-comments@w3.org
Message-Id: <2A7DAB10-9937-4B8E-B10F-455B8A4467C6@eff.org>
To the extent that one objective of the TPE standard is to ensure that a serverís communication of its tracking status value is enforceable under Section 5 of the FTC Act or another similar regulatory regime, the TPE specification should require the server to describe within its privacy policy or other public-facing documents the meaning of its TSV and how the server responds to usersí tracking preferences.

The Last Call Document already requires an analogous explanation in a similar context.

"6.2.8 Disregarding (D)

A tracking status value of D means that the origin server is unable or unwilling to respect a tracking preference received from the requesting user agent. An origin server that sends the D tracking status value must detail within the server's corresponding privacy policy the conditions under which a tracking preference might be disregarded.

For example, an origin server might disregard the DNT field received from specific user agents (or via specific network intermediaries) that are deemed to be non-conforming, might be collecting additional data from specific source network locations due to prior security incidents, or might be compelled to disregard certain DNT requests to comply with a local law, regulation, or order."

It therefore appears reasonable and within scope of the TPE specification to require the same level of public, human-readable disclosure as to a server's response policy when it respects a tracking preference.  

Obviously, servers may respond in different ways depending on the nature of the incoming request; the major variations would, in our view, be sufficient.  The point is that there must at least be a public representation of the response policy.

Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation
815 Eddy Street
San Francisco, CA 94109
(415) 436-9333 x 102 (tel)
(415) 436-9993 (fax)
Received on Tuesday, 17 June 2014 22:57:32 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:40:47 UTC