- From: Dobbs, Brooks <brooks.dobbs@kbmg.com>
- Date: Fri, 01 Jun 2012 17:56:21 -0500
- To: Justin Brookman <justin@cdt.org>, "public-tracking@w3.org" <public-tracking@w3.org>, Shane Wiley <wileys@yahoo-inc.com>
- Message-ID: <CBEEB2C5.158C%brooks.dobbs@kbmg.com>
New voice here... I might as well jump right into the controversy. I am not sure there is full consistency here. I read the spec as saying łKey to that notion of expression is that it must reflect the user's preference˛. This seems pretty foundational to me. Where there is a significant likelihood for the origin server to believe that the expression is not a reflection of the userąs preference (either as a 1 or a 0), wouldnąt such server be in error to process it accordingly? Conversely to the IE/AVG cases, if hypothetically an ISP were to inject an extension into every DNT header which in the future allowed for an exception, wouldnąt the server be in error for always making room for this exception where they know it to be coming from that ISP? -Brooks -- Brooks Dobbs, CIPP | Chief Privacy Officer | KBM Group | Part of the Wunderman Network (Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com brooks.dobbs@kbmg.com This email including attachments may contain confidential information. If you are not the intended recipient, do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message. On 6/1/12 4:36 PM, "Justin Brookman" <justin@cdt.org> wrote: > Agree with David --- we don't even know what MSFT's eventual implementation > is going to be, and I can't say I know what AVG's is today. Is there a screen > that's pre-checked? Is there some sort of ephemeral notice saying "by the > way, DNT is on." Will those UIs change over time? Who is going to monitor > the UIs and make the decision: "No, this isn't user choicey enough!" How will > you know what the UI was when the user installed the user agent? Even if the > default is on and there's no notice at all, how will the party know that the > user didn't turn it off at some point, see a retargeted ad for a Vegas casino, > and then turn in back on again? > > I can't see how a standard answers those questions. > > Justin Brookman > Director, Consumer Privacy > Center for Democracy & Technology > 1634 I Street NW, Suite 1100 > Washington, DC 20006 > tel 202.407.8812 > fax 202.637.0969 > justin@cdt.org > http://www.cdt.org > @CenDemTech > @JustinBrookman > > On 6/1/2012 5:28 PM, David Singer wrote: >> >> >> >> On Jun 1, 2012, at 14:22 , Shane Wiley wrote: >> >> >>> >>> >>> >>> David, >>> >>> >>> >>> I disagree. If you know that an UA is non-compliant, it should be fair to >>> NOT honor the DNT signal from that non-compliant UA and message this back to >>> the user in the well-known URI or Response Header. Further, we can provide >>> information for the user to use a UA that is DNT compliant if they wish for >>> their preference to be honored in that regard. >>> >>> >>> >>> >>> >> >> >> >> OK, I think we will have to agree to disagree. I can't think of any other >> spec., off hand, that allows one end to 'misbehave' if they believe the other >> end is misbehaving. There *are* specs that deal with what you do if you see >> actual invalid values, incorrect responses, etc., but none that I know of >> that allow you to conclude 'you didn't really mean that' and do something >> other than what was signalled. >> >> >> >> >> I still don't know how you tell the difference between a user who agree with, >> and wanted, the choice, and a user who wasn't aware of it. >> >> >> >> >> >> >> >> >> >> >> >> >> David Singer >> >> Multimedia and Software Standards, Apple Inc. >> >> >> >> >> >> >
Attachments
- image/png attachment: image.png
Received on Saturday, 2 June 2012 20:52:22 UTC