TPE: Input for our discussions in DC from Matthias Schunter on 2012-04-04 (public-tracking@w3.org from April 2012)

From: Matthias Schunter <mts-std@schunter.org>
Date: Wed, 04 Apr 2012 12:17:21 +0200
To: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <4F7C1FB1.8010804@schunter.org>

Hi Team,


in DC, we currently have the resolution of  ISSUE-111, ISSUE-124, and
ISSUE-130 on our radar.
Please drop me a line if there are other complex ISSUES that we should
tackle.

Below, I summarised what I believed to be the latest input for these
discussions as a means to facilitate preparation for DC.

The latest TPE can be found here:
 http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html

Feel free to comment/add if I accidentially misstated or overlooked some
information.


Regards,
matthias

---8<------ ISSUE-130: Header or well-known URI or both? -----

Goal:
- A site wants to inform a user agent about its DNT practices. This
includes (but is not limited to) information on
   - Whether the site is intended for 1st or 3rd party use
   - Whether it claims to follow DNT compliance
   - Whether it believes that it has received an exception for a given
user agent

Status:
- The current draft contains a well-known URI proposal (Section 5.1) and
a header proposal (Section 5.2) that
  are positioned as alternatives
- Tom Lowenthal is working on a hybrid that will combine both [Gentle
reminder to tom ;-)]
- This hybrid is expected to be the basis for our discussion.

Questions:
- What is the best approach to satisfy the criteria put forward in this
wiki?
   http://www.w3.org/wiki/DntResponseHeaderOrURI
 

---8<------ ISSUE-124 and ISSUE-112, ISSUE-113: Site-specific Exceptions
-----

Goal:
- If a user has a preference not to be tracked (DNT;1) and visits a
site, this site
  shall be enabled to ask for an exemption from the need to comply with
our compliance spec

Status:
- The current draft (Section 6) provides a Javascript API that allows to
grant exceptions to
   a) A list of specified third parties on the given site
   b) A blanked exception to any "*" third party for this given site
- The current draft does not allow web-wide exceptions (ISSUE-113) that
would be needed
   to make some widgets work globally on all sites
- While there was concern that lists of pairs {(thirdparty, site), ...}
may be hard to handle,
  I did not see strong objections to having them.

Questions:
- Are there strong objections to the current draft (ideally with text)?
- Should we add web-wide exceptions (thirdparty, *) that allows a third
party element to work on all sites?
- How are sub-domains handled?

---8<------ ISSUE-111: Request header revisited -----
Goal:
- Inform a site about the current DNT choices stored by a user agent

Status:
- Current draft (Section 4.1) specifies DNT;0 permitting a site to track
and DNT;1 expressing
  a preference not to be tracked
- Potential additional values were suggested to express, e.g.,:
  - There is a global exception ("*") for your site
  - There are no exceptions for your site
  - There is an exception for you and some third parties

Questions:
- What information on tracking status and exception does a site need?
- How to encode this information.

Received on Wednesday, 4 April 2012 10:17:52 UTC