RE: [ISSUE-81, ACTION-13] Response Header Format from Shane Wiley on 2011-10-18 (public-tracking@w3.org from October 2011)

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Tue, 18 Oct 2011 15:26:06 -0700
To: David Singer <singer@apple.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D02102C2D@SP2-EX07VS02.ds.corp.yahoo.com>

My concern with deep response layers is that explaining this to the average consumer becomes problematic and undermines to a degree the goal of consumers understanding what DNT means and how it impacts their online experiences.

- Shane

From: public-tracking-request@w3.org [mailto:public-tracking-request@w3.org] On Behalf Of David Singer
Sent: Tuesday, October 18, 2011 3:23 PM
To: public-tracking@w3.org
Subject: Re: [ISSUE-81, ACTION-13] Response Header Format

I think the idea of a 'nuanced' answer is good.  I fear the number of times that a 'simple' answer unambiguously applies might be quite small.

The responses in the 100-range below are the 'exception' ones ("I am tracking you"), and I'd suggest that 100-series is probably more logically the 'success' (your request not to be tracked is being more-or-less honored).  I like the idea that the existence of these responses allows web sites to say what they are doing even without a request, that's cool.

100 = I see your DNT and respect it completely (same as currently suggested 1)
101 = You have an opt-out cookie, and I am therefore not tracking you
102 = I never track anyone anyway

200 = You asked for DNT but I will not respect it (same as currently suggested 0) [[ should this be a 400-series?? ]]
201 = Will not respect because I am a 1st party
202 = Will not respect because you have explicitly opted in to my tracking
203 = I claim I am Allowed to track because it's for research (possibly)
205 - I am tracking you to the extent required by law
206 - I am still tracking you for some other/unspecified reason for which there is no distinct response code

300 = I don't know (could be the default, and probably means the same thing as no response)

4xx - error situations? (like?)

From: JC Cannon [mailto:jccannon@microsoft.com]
Sent: Saturday, October 15, 2011 2:01 PM
To: Kevin Smith; public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: RE: [ISSUE-81, ACTION-13] Response Header Format

First parties should not have to return a response.

I think it's really helpful, especially if the user and the site disagree about what a first party is. It provides excellent feedback.

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Tuesday, 18 October 2011 22:28:23 UTC