- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Wed, 8 Feb 2012 09:42:56 -0800
- To: Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" <public-tracking@w3.org>
- CC: "Roy T. Fielding" <fielding@gbiv.com>, Lauren Gelman <gelman@blurryedge.com>
Rigo, Do you have an example in the real-world where a medical or insurance website has tracked referrer headers to ask their clientele specific questions to affect their coverage? This appears to be far beyond the realm of real-world practices. NOT a real threat - so therefore NOT real boundaries. - Shane -----Original Message----- From: Rigo Wenning [mailto:rigo@w3.org] Sent: Wednesday, February 08, 2012 9:31 AM To: public-tracking@w3.org Cc: Roy T. Fielding; Lauren Gelman Subject: Re: [Issue-5] [Action-77] Defining Tunnel-Vision 'Do Not (Cross-Site) Track' Can we draw some collection limitation from that? If I send a request to example.com, example.com knows that I'm interacting with them. But if I have looked at some medical site and now (by inadvertence) surf to my insurance website, they could detect that I looked at alzheimer information and will ask me about it next time. So we seem to have identified a clear threat with clear boundaries. If we agree, we would have to add some text. Collecting referrer from within a certain boundary would work. This is at least a very good first step that we can note down IMHO Rigo On Tuesday 07 February 2012 15:22:26 Roy T. Fielding wrote: > > What is the use case where I'm a third party and I need to know where a > > user is coming from. If I'm a Macys ad just sitting on NYT, and a > > DNT:1 user visits the site, why would referrer info [where the person > > was prior to arriving at NYT] be passed to me? > Sorry, that's me being unclear. The referral data in the ad's case is > Macy's website, not where the user came from before Macy's. It is > important to know that this ad was seen on Macy's site.
Received on Wednesday, 8 February 2012 17:48:51 UTC