- From: Jules Polonetsky <julespol@futureofprivacy.org>
- Date: Mon, 31 Oct 2011 12:56:23 -0400
- To: "'Tom Lowenthal'" <tom@mozilla.com>, <public-tracking@w3.org>
- Cc: <public-tracking@w3.org>, "'Roy T. Fielding'" <fielding@gbiv.com>
Why can't apps be included as a target for this standard? Users increasingly will click on an icon on their phone, unaware of whether it is an app or html 5 or even a bookmark. Already today, when I want to opt-out of ad targeting on a mobile site and ad target in an app, I need to opt-out of the same ad network in 2 different ways (one a click to get an opt-out cookie, one I need to provide my device ID to the ad network to keep it on an opt-out list...if the ad network provides such a choice). With the advent of device fingerprinting, targeting by mac address and other new identifiers used for app targeting, DNT for apps should be a priority. -----Original Message----- From: Tom Lowenthal [mailto:tom@mozilla.com] Sent: Monday, October 31, 2011 12:43 PM To: public-tracking@w3.org Cc: public-tracking@w3.org; Roy T. Fielding Subject: TPE Document, S2.3 P1 Pursuant to my F2F comment. The current first paragraph of section 2.3 reads: > HTTP [HTTP11] uses the term user agent to refer to any of the various > client programs capable of initiating HTTP requests, including > browsers, spiders (web-based robots), command-line tools, native > applications, and mobile apps. Although the protocol defined by this > specification is applicable to all forms of user agent, the compliance > requirements are specifically concerned with the privacy expectations > of a human user and the tracking of their browsing history over time. > Hence, user agents that do not have some form of "browsing" nature or > do not communicate with more than one site are not expected to comply > with this protocol. This leaves the status of mobile apps somewhat unclear. I propose the following text instead: > HTTP [HTTP11] uses the term user agent to refer to any of the various > client programs capable of initiating HTTP requests, including > browsers, spiders (web-based robots), command-line tools, native > applications, and mobile apps. Although the protocol defined by this > specification is potentially applicable to all forms of user agent, > the compliance requirements are specifically concerned with the > privacy expectations of a human user and the tracking of their > browsing history over time. > > There exist user agents which do not have a "browsing" nature, such as > mobile apps which communicate with one service exclusively. These > non-browsing user-agents are not the target for this standard, though > there is no reason why they could not implement it.
Received on Monday, 31 October 2011 16:57:07 UTC