Re: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance]

On Jun 4, 2012, at 8:52 , Dobbs, Brooks wrote:

> Rigo,
> 
> Great to be working with you again!  Hope you have been well.
> 
> To your points, I agree, but I am lost on your conclusion.
> 
> I see where there is a requirement that the intermediaries don't inject
> headers, but equally I see a big red capital MUST describing that the
> expression reflect the user's preference.  Both injecting/modifying the
> header or instantiating it (one way or the other) absent a reflection of the
> user's preference seem equally non-compliant.
> 
> IMHO it sets a very dangerous precedent (no matter where you side on the
> desirability of high adoption of DNT: 1) to say 1) the specification is
> founded in reflecting preference and, simultaneously, 2) default settings
> can reflect this preference.  Isn't this argued very differently with
> respect to default browser settings implying consent for cookies in the EU?
> 

I think the only case we have recognized that default settings might reflect a preference is when the user chose a user-agent specifically designed and designated for the purpose of privacy (and this is reflected in Roy's recent text).  This is similar to the case where the only kinds of sites we think should take 'implied consent' bia their privacy policy are sites that are specifically designated for the purpose of tracking.

Hope that helps.

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Monday, 4 June 2012 18:19:18 UTC