- From: Nicholas Doty <npdoty@w3.org>
- Date: Wed, 1 Feb 2012 07:02:00 -0800
- To: Shane Wiley <wileys@yahoo-inc.com>
- Cc: Tracking Protection Working Group WG <public-tracking@w3.org>
On Feb 1, 2012, at 6:48 AM, Shane Wiley wrote: > The publisher may request an exception proactively if they see that DNT is available to the user agent but not yet activated (may be required in some legal jurisdictions). This would be good to discuss further. In JavaScript it would be particularly easy to check for the capability to request site-specific exceptions (a method which would just be null if the user agent doesn't support it). What's the relevant legal requirement? Do we expect that there are some jurisdictions that would require use of an exception mechanism if one existed even if the user weren't using Do Not Track? > Why would a user NOT wish for their user agent to broadcast its ability to support DNT? User agents don't typically broadcast every extension or capability they have on every outgoing HTTP request. It increases fingerprintability. A user might not want to unintentionally send a signal that they specifically hadn't enabled a privacy setting. For those concerned about bandwidth, sending the header on every browser that supports DNT, even if the vast majority of those users don't have it enabled, would generate a relatively large cost with possibly no advantage for the user. Thanks, Nick
Received on Wednesday, 1 February 2012 15:02:05 UTC