Re: action-231, issue-153 requirements on other software that sets DNT headers

I can't be on the next 2 weeks of the call, since the Commerce Dept in the US has scheduled conflicting times for key privacy discussions.  But look forward to continued discussion, inc, Amsterdam.



On Aug 21, 2012, at 7:59 PM, Shane Wiley wrote:

> Jeff,
>  
> I disagree both on your philosophical position (compliant Servers must honor non-compliant UAs) but more importantly as part of the working group process.  Hopefully we can review this (again) at the next TPE weekly meeting.
>  
> - Shane
>  
> From: Jeffrey Chester [mailto:jeff@democraticmedia.org] 
> Sent: Tuesday, August 21, 2012 4:56 PM
> To: Shane Wiley
> Cc: John Simpson; Tamir Israel; Dobbs, Brooks; David Singer; David Wainberg; public-tracking@w3.org (public-tracking@w3.org); Nicholas Doty
> Subject: Re: action-231, issue-153 requirements on other software that sets DNT headers
>  
> Shane:  I don't believe we have said such flags are "invalid."  I agree with John, DNT:1 must be honored. We should not penalize privacy by design, a policy most stakeholders support.  
> Regards,
>  
> Jeff
>  
>  
>  
> On Aug 21, 2012, at 7:49 PM, Shane Wiley wrote:
> 
> 
> John,
> 
> I thought we already agreed in the working group to remain silent on this situation and allow implementers to defend their actions with respect to sending invalid flags.  Correct?  I understand your personal views here but I wanted to reconfirm the working group end-point on this issue.
>  
> Thank you,
> Shane
>  
> From: John Simpson [mailto:john@consumerwatchdog.org] 
> Sent: Tuesday, August 21, 2012 4:46 PM
> To: Tamir Israel
> Cc: Dobbs, Brooks; David Singer; David Wainberg; public-tracking@w3.org (public-tracking@w3.org); Nicholas Doty; Shane Wiley
> Subject: Re: action-231, issue-153 requirements on other software that sets DNT headers
>  
> For what it's worth I do not see how you can "blacklist" a UA that is supposedly noncompliant if it sends a valid DNT:1 You can write a letter to the vendor, you can call them out for being noncompliant, you can protest to regulatory authorities if they claim to be complaint when they are not.
>  
> However, if you get a DNT:1 signal, it needs to be honored.  
>  
> On Aug 21, 2012, at 2:58 PM, Tamir Israel wrote:
> 
> 
> 
> OK -- I am not advocating two headers! Although one for each personality would probably lead to more accurate profiling ; P
> 
> I suppose my concern was a combination of a.) how far will a UA's obligation to check that alterations to its DNT are 'reflective of user input' be stretched and b.) whether this opens up the door to more UA blacklisting potential.
> 
> Best,
> Tamir
> 
> On 8/21/2012 5:13 PM, Dobbs, Brooks wrote:
> 
> 
> Tamir,
>  
> You are making this too complicated.  UAs shouldn't be required to audit
> applications, plugins, etc - they should, per the spec, only ever send a
> signal which is consistent with a user preference.  If they don't feel
> confident that what they are sending meets that requirement they shouldn't
> send anything.  Anything else completely undermines the spec.  If you send
> two DNT headers, you are by definition, non-compliant (schizophrenic users
> not withstanding).
>  
> -Brooks
>  
>  
>  
> ----------
> John M. Simpson
> Consumer Advocate
> Consumer Watchdog
> 1750 Ocean Park Blvd. ,Suite 200
> Santa Monica, CA,90405
> Tel: 310-392-7041
> Cell: 310-292-1902
> www.ConsumerWatchdog.org
> john@consumerwatchdog.org
>  
>  
> Jeffrey Chester
> Center for Digital Democracy
> 1621 Connecticut Ave, NW, Suite 550
> Washington, DC 20009
> www.democraticmedia.org
> www.digitalads.org
> 202-986-2220
>  

Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org
www.digitalads.org
202-986-2220

Received on Wednesday, 22 August 2012 00:59:22 UTC