tracking-ISSUE-109: siteSpecificTrackingExceptions property has fingerprinting risks: is it necessary? [Tracking Preference Expression (DNT)]

tracking-ISSUE-109: siteSpecificTrackingExceptions property has fingerprinting risks: is it necessary? [Tracking Preference Expression (DNT)]

http://www.w3.org/2011/tracking-protection/track/issues/109

Raised by: Nick Doty
On product: Tracking Preference Expression (DNT)

The siteSpecificTrackingExceptions list property (for JavaScript querying of existing site-specific exceptions) enables even easier fingerprinting by any first or third party JavaScript. Could first parties instead rely on calling requestSiteSpecificTrackingException and receiving a true response if exceptions have already been granted?

Received on Friday, 6 January 2012 02:55:17 UTC