- From: Kevin Smith <kevsmith@adobe.com>
- Date: Wed, 1 Feb 2012 11:00:26 -0800
- To: Nicholas Doty <npdoty@w3.org>, Shane Wiley <wileys@yahoo-inc.com>
- CC: Tracking Protection Working Group WG <public-tracking@w3.org>
Sorry - did not see this part of the thread. Nick already asked my question. And I agree with Nick. Seems unnecessarily complex now, and easy to extend later if we want it. -----Original Message----- From: Nicholas Doty [mailto:npdoty@w3.org] Sent: Wednesday, February 01, 2012 8:02 AM To: Shane Wiley Cc: Tracking Protection Working Group WG Subject: Re: tracking-ISSUE-121: Should a user agent advertise its DNT ability by, e.g., sending DNT;NULL [Tracking Preference Expression (DNT)] On Feb 1, 2012, at 6:48 AM, Shane Wiley wrote: > The publisher may request an exception proactively if they see that DNT is available to the user agent but not yet activated (may be required in some legal jurisdictions). This would be good to discuss further. In JavaScript it would be particularly easy to check for the capability to request site-specific exceptions (a method which would just be null if the user agent doesn't support it). What's the relevant legal requirement? Do we expect that there are some jurisdictions that would require use of an exception mechanism if one existed even if the user weren't using Do Not Track? > Why would a user NOT wish for their user agent to broadcast its ability to support DNT? User agents don't typically broadcast every extension or capability they have on every outgoing HTTP request. It increases fingerprintability. A user might not want to unintentionally send a signal that they specifically hadn't enabled a privacy setting. For those concerned about bandwidth, sending the header on every browser that supports DNT, even if the vast majority of those users don't have it enabled, would generate a relatively large cost with possibly no advantage for the user. Thanks, Nick
Received on Wednesday, 1 February 2012 19:05:12 UTC