- From: Tamir Israel <tisrael@cippic.ca>
- Date: Mon, 04 Jun 2012 15:29:51 -0400
- To: "Dobbs, Brooks" <brooks.dobbs@kbmg.com>
- CC: Rigo Wenning <rigo@w3.org>, public-tracking@w3.org, Justin Brookman <justin@cdt.org>, Shane Wiley <wileys@yahoo-inc.com>
On 6/4/2012 11:52 AM, Dobbs, Brooks wrote: > I see where there is a requirement that the intermediaries don't inject > headers, but equally I see a big red capital MUST describing that the > expression reflect the user's preference. Both injecting/modifying the > header or instantiating it (one way or the other) absent a reflection of the > user's preference seem equally non-compliant. > > IMHO it sets a very dangerous precedent (no matter where you side on the > desirability of high adoption of DNT: 1) to say 1) the specification is > founded in reflecting preference and, simultaneously, 2) default settings > can reflect this preference. Isn't this argued very differently with > respect to default browser settings implying consent for cookies in the EU? Dangerous precedent it is indeed, but some jurisdictions (Canada being one) are stuck with it for the long haul. The Canadian landscape straddles EU and US approaches by a.) requiring consent and b.) accepting implicit/opt-out consent. Particularly, in the context of DNT, our privacy commissioner has affirmed that implied opt-out consent will be the guiding principle. Where I envision potential problems under Canadian laws (and I imagine this might be an issue in comparable non-EU jursdictions as well), is if a server is required to ignore a 'DNT-1' designation because it is premised on a default user-agent selection and, hence, does not reflect a user preference. In this context, it is very difficult to pretend there is any form of implied consent to track. I say this without reflection on the underlying policy choices here (I do personally prefer broad DNT-1 adoption, but I understand there has been consensus against mandating any default positions), but rather out of a genuine interest in how this standard might operate (or not) in Canada. Best, Tamir
Received on Monday, 4 June 2012 19:30:55 UTC