RE: TPE Document, S2.3 P1

I agree with Jules and believe the draft already covers all HTTP communications which would include 3rd party ad serving in the mobile browser and/or App environment.

- Shane

-----Original Message-----
From: Jules Polonetsky [mailto:julespol@futureofprivacy.org] 
Sent: Monday, October 31, 2011 9:56 AM
To: 'Tom Lowenthal'; public-tracking@w3.org
Cc: public-tracking@w3.org; 'Roy T. Fielding'
Subject: RE: TPE Document, S2.3 P1

Why can't apps be included as a target for this standard? Users increasingly
will click on an icon on their phone, unaware of whether it is an app or
html 5 or even a bookmark.  Already today, when I want to opt-out of ad
targeting on a mobile site and ad target in an app, I need to opt-out of the
same ad network in 2 different ways (one a click to get an opt-out cookie,
one I need to provide my device ID to the ad network to keep it on an
opt-out list...if the ad network provides such a choice). With the advent of
device fingerprinting, targeting by mac address and other new identifiers
used for app targeting, DNT for apps should be a priority.

-----Original Message-----
From: Tom Lowenthal [mailto:tom@mozilla.com] 
Sent: Monday, October 31, 2011 12:43 PM
To: public-tracking@w3.org
Cc: public-tracking@w3.org; Roy T. Fielding
Subject: TPE Document, S2.3 P1

Pursuant to my F2F comment. The current first paragraph of section 2.3
reads:

> HTTP [HTTP11] uses the term user agent to refer to any of the various 
> client programs capable of initiating HTTP requests, including 
> browsers, spiders (web-based robots), command-line tools, native 
> applications, and mobile apps. Although the protocol defined by this 
> specification is applicable to all forms of user agent, the compliance 
> requirements are specifically concerned with the privacy expectations 
> of a human user and the tracking of their browsing history over time. 
> Hence, user agents that do not have some form of "browsing" nature or 
> do not communicate with more than one site are not expected to comply 
> with this protocol.

This leaves the status of mobile apps somewhat unclear. I propose the
following text instead:


> HTTP [HTTP11] uses the term user agent to refer to any of the various 
> client programs capable of initiating HTTP requests, including 
> browsers, spiders (web-based robots), command-line tools, native 
> applications, and mobile apps. Although the protocol defined by this 
> specification is potentially applicable to all forms of user agent, 
> the compliance requirements are specifically concerned with the 
> privacy expectations of a human user and the tracking of their 
> browsing history over time.
>
> There exist user agents which do not have a "browsing" nature, such as 
> mobile apps which communicate with one service exclusively. These 
> non-browsing user-agents are not the target for this standard, though 
> there is no reason why they could not implement it.

Received on Monday, 31 October 2011 17:07:19 UTC