RE: Sitecom adds Do Not Track to its routers

Apologies if this is implicitly/explicitly out of scope of the compliance context, but just confirming: you are talking about a router installed in a public network context, right? In an enterprise or home (private network) context, the configuration of this function via a router would be a decision of the administrator of that private network. That may involve any manner of explicit or implicit notice to users (or none at all…) that this is the policy in that context, which is within the right of the network owner.

Thanks,
Bryan Sullivan

From: Shane Wiley [mailto:wileys@yahoo-inc.com]
Sent: Friday, November 30, 2012 3:06 PM
To: Craig Spiezle; Brendan Riordan-Butterworth
Cc: JC Cannon; W3C DNT Working Group Mailing List
Subject: RE: Sitecom adds Do Not Track to its routers

Craig,

This is one systems administrator activating DNT for all users who receive traffic through that router – which could be a considerable number of individual, independent users who are not making this choice for themselves.  As such, this would be a violation of the draft standard as currently worded.

- Shane

From: Craig Spiezle [mailto:craigs@otalliance.org]
Sent: Friday, November 30, 2012 3:57 PM
To: Brendan Riordan-Butterworth
Cc: JC Cannon; W3C DNT Working Group Mailing List
Subject: Re: Sitecom adds Do Not Track to its routers

As JC and i also confirmed this is an opt in device are you suggesting it would be non-compliant?

As more sw and hw solutions come to market specially designed to block ads, enhance privacy or third party calls I believe the intent of the user will be met through the user's purchase. That said I would hope there is a user string detectable so the site can detect such usage and determine what content / services are made available


Sent from my phone

On Nov 30, 2012, at 5:13 PM, Brendan Riordan-Butterworth <Brendan@iab.net<mailto:Brendan@iab.net>> wrote:
http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#dnt-header-field


“An HTTP intermediary must not add, delete, or modify the DNT header field in requests forwarded through that intermediary unless that intermediary has been specifically installed or configured to do so by the user making the requests. For example, an Internet Service Provider must not inject DNT: 1 on behalf of all of their users who have not expressed a preference.”

If the router has a single point to configure the DNT header field for all outbound traffic, and the LAN it is in front of has more than one user making HTTP requests, then the Sitecom functionality is not compliant with the requirements on intermediaries as defined in section 4.2 of the TPE document.

/brendan.

From: JC Cannon [mailto:jccannon@microsoft.com]
Sent: Thursday, November 29, 2012 1:14 PM
To: W3C DNT Working Group Mailing List
Subject: Sitecom adds Do Not Track to its routers

“The Do Not Track functionality is disabled by default, and requires the user to visit the router's configuration page to enable it. Sitecom has confirmed that, in addition to launching the software on third-generation X-Series routers, it will bring the Do Not Track option to existing devices with Sitecom Cloud Security through a free firmware update.”

http://www.bit-tech.net/news/hardware/2012/11/29/sitecom-do-not-track/1


JC

Received on Saturday, 1 December 2012 01:32:00 UTC