Re: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance]

New voice here...  I might as well jump right into the controversy.

I am not sure there is full consistency here.  I read the spec as saying
łKey to that notion of expression is that it must reflect the user's
preference˛.  This seems pretty foundational to me.  Where there is a
significant likelihood for the origin server to believe that the expression
is not a reflection of the userąs preference (either as a 1 or a 0),
wouldnąt such server  be in error to process it accordingly?  Conversely to
the IE/AVG cases, if hypothetically an ISP were to inject an extension into
every DNT header which in the future allowed for an exception, wouldnąt the
server be in error for always making room for this exception where they know
it to be coming from that ISP?

-Brooks

-- 

Brooks Dobbs, CIPP | Chief Privacy Officer | KBM Group | Part of the
Wunderman Network
(Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com
brooks.dobbs@kbmg.com



This email ­ including attachments ­ may contain confidential information.
If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender
immediately and delete the message.


On 6/1/12 4:36 PM, "Justin Brookman" <justin@cdt.org> wrote:

>    Agree with David --- we don't even know what MSFT's eventual implementation
> is going to be, and I can't say I know what AVG's is today.  Is there a screen
> that's pre-checked?  Is there some sort of ephemeral notice saying "by the
> way, DNT is on."  Will those UIs change over time?  Who is going to monitor
> the UIs and make the decision: "No, this isn't user choicey enough!"  How will
> you know what the UI was when the user installed the user agent?  Even if the
> default is on and there's no notice at all, how will the party know that the
> user didn't turn it off at some point, see a retargeted ad for a Vegas casino,
> and then turn in back on again?
>  
>  I can't see how a standard answers those questions.
>  
> Justin Brookman
> Director, Consumer Privacy
> Center for Democracy & Technology
> 1634 I Street NW, Suite 1100
> Washington, DC 20006
> tel 202.407.8812
> fax 202.637.0969
> justin@cdt.org
> http://www.cdt.org
> @CenDemTech
> @JustinBrookman
>  
>  On 6/1/2012 5:28 PM, David Singer wrote:
>> 
>>  
>>  
>> On Jun 1, 2012, at 14:22 , Shane Wiley wrote:
>>  
>>  
>>>  
>>>  
>>>  
>>> David,
>>>  
>>>  
>>>  
>>> I disagree.  If you know that an UA is non-compliant, it should be fair to
>>> NOT honor the DNT signal from that non-compliant UA and message this back to
>>> the user in the well-known URI or Response Header.  Further, we can provide
>>> information for the user to use a UA that is DNT compliant if they wish for
>>> their preference to be honored in that regard.
>>>  
>>>  
>>>  
>>>  
>>>  
>>  
>>  
>>  
>> OK, I think we will have to agree to disagree.  I can't think of any other
>> spec., off hand, that allows one end to 'misbehave' if they believe the other
>> end is misbehaving.  There *are* specs that deal with what you do if you see
>> actual invalid values, incorrect responses, etc., but none that I know of
>> that allow you to conclude 'you didn't really mean that' and do something
>> other than what was signalled.
>>  
>> 
>>  
>>  
>> I still don't know how you tell the difference between a user who agree with,
>> and wanted, the choice, and a user who wasn't aware of it.
>>  
>> 
>>  
>>  
>> 
>>  
>>  
>>  
>>   
>>  
>>  
>>  
>> David Singer
>>  
>> Multimedia and Software Standards, Apple Inc.
>>  
>>  
>>  
>>   
>>  
>>  
>  

Received on Saturday, 2 June 2012 20:52:22 UTC