W3C home > Mailing lists > Public > public-tracking@w3.org > August 2012

Re: action-231, issue-153 requirements on other software that sets DNT headers

From: Jeffrey Chester <jeff@democraticmedia.org>
Date: Wed, 22 Aug 2012 17:21:03 -0400
Cc: Tamir Israel <tisrael@cippic.ca>, Alan Chapell <achapell@chapellassociates.com>, "Grimmelmann, James" <James.Grimmelmann@nyls.edu>, "Roy T. Fielding" <fielding@gbiv.com>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-Id: <608913B8-2C74-4BAB-92D7-884317971ABB@democraticmedia.org>
To: "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com>
I think we can have privacy, greater user control and monetization.  But many of the business practices have to been made explicit, with opt-in and greater controls and safeguards for data involving categories such as finance, health, ethnicity, youth etc.  There are also certain online marketing practices which require public safeguards, such as RTB.

DNT is part of a process to get the Internet system in balance.   

On Aug 22, 2012, at 4:55 PM, Dobbs, Brooks wrote:

> Tamir,
> 
> "privacy" is less defined than tracking and certainly a far more
> attenuated concept.  The spec does not speak to privacy protections but
> rather to specific requirements for servers when they see a DNT: 1 signal.
> I may grant that this might be characterized as a choice for
> "no-tracking", if we were able to define tracking in a manner that
> encompassed the overloaded meaning it has taken on in the spec (see 3rd
> party data append discussion).  But it is inherently misleading to suggest
> that DNT:1 is a choice for privacy where, as others have already pointed
> out, there is very strong disagreement amongst members that this will be
> the case.  
> 
> Where there should be no disagreement is that a DNT:1 signal based on a
> demonstrated user preference MUST be processed in accordance with the
> compliance spec.  This said, I can be fully compliant, see a DNT:1 and ask
> you for your name, credit card and billing address as a condition to
> seeing content.  Not a great leap forward for privacy IMHO.  We are in
> agreement that funding will continue, so in the end DNT: 1 will be a
> choice about how you want to pay, not if your going to.  I am not hearing
> any discussion about a more privacy friendly form of funding than
> advertising, so it seems a stretch to assume that a new, heretofore
> unknown, way of funding replaces it which is necessarily more privacy
> protective.
> 
> -Brooks
> 
> -- 
> 
> Brooks Dobbs, CIPP | Chief Privacy Officer | KBM Group | Part of the
> Wunderman Network
> (Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com
> brooks.dobbs@kbmg.com
> 
> 
> 
> This email  including attachments  may contain confidential information.
> If you are not the intended recipient,
> do not copy, distribute or act on it. Instead, notify the sender
> immediately and delete the message.
> 
> 
> 
> On 8/22/12 3:54 PM, "Tamir Israel" <tisrael@cippic.ca> wrote:
> 
>> Brooks,
>> 
>> I'm not seeing it. DNT-1 is a preference for privacy. It very directly
>> expresses 'I want you to respect my privacy, please do not track [insert
>> definition] my online browsing'.
>> 
>> If it also means that I will be faced with a second choice -- out of
>> bound consent; request for an exception for a specific service; etc.,
>> which I may say yes or no to on a case by case basis, depending on the
>> particular terms of the OOB, or the service requesting an exception --
>> in no way diminishes the fact that my initial expression 'Do Not Track
>> Me' indicates a preference for privacy with respect to my online browsing.
>> 
>> I agree that sites will need to be funded, one way or another, but this
>> does not change the underlying character of my 'DNT-1' as an expression
>> of a preference for privacy.
>> 
>> Best,
>> Tamir
>> 
>> 
>> On 8/22/2012 2:58 PM, Dobbs, Brooks wrote:
>>> Tamir,
>>> 
>>> I again note that DNT: 1 is NOT a preference FOR privacy.  It is a
>>> preference that a recipient server will process data in accordance with
>>> the compliance spec as required by the signal.  The net impact of the
>>> server's behavior may or may not on the whole be more or less privacy
>>> protective for the individual concerned.  A user may reasonably conclude
>>> that DNT: 0 or unset is likely to have a better net impact on privacy.
>>> Being asked for OOB exception or a micropayment for content may not, in
>>> many reasonable minds, be privacy enhancing.
>>> 
>>> I am not being pedantic here.  We must be conscious that we aren't
>>> discussing IF ad supported websites will continue to be funded but HOW.
>>> If a donut store offers you "free" donuts for giving their advertising
>>> sponsors your IP address and cookie as you wait in line but then is
>>> required by protocol not to collect those things, you may expect the
>>> shop
>>> will ask you for a credit card when you get to the register (or they'll
>>> close).  
>>> 
>>> 
>>> 
>>> -Brooks
>>> 
>>> 
> 
> 
> 

Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org
www.digitalads.org
202-986-2220


Received on Wednesday, 22 August 2012 22:14:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:54 UTC