- From: Rigo Wenning <rigo@w3.org>
- Date: Tue, 05 Jun 2012 18:29:29 +0200
- To: public-tracking@w3.org
- Cc: Justin Brookman <justin@cdt.org>
Justin,

I have concerns that some of the assumptions underlying certain argumentations will not hold in front of central principles of law. Unless there is buy-in.

Sending a DNT;1 header is an expression of a preference. But this expression cannot force the service to do anything without violating the freedom of contract. And W3C is no legislator. If a law said, on reception of DNT;1 you have to do what is written down in the W3C compliance specification, that would be different. But this would only count for the jurisdiction the law was made for. So a service can _always_ ignore a DNT signal.

Now I hear the saying: "They claimed compliance". But compliance to what? That their entire site is honoring DNT? What about if I'm logged in to W3C services? They must track me because of the ACL. Consequence: I get an NACK. And rightly so. But if the service issues an NACK, it does not make a misleading statement anymore. Because the service does not claim to honor DNT;1 and doesn't. And if we accept the user sending DNT;1 as an expression, we also have to accept NACK as an expression. Whether from a pure wording we then tell that after sending NACK a service is not "dnt-compliant" anymore is a matter of terminology, branding, campaigning etc. But the NACK would have to be defined in the Specification. And if a service is acting according to that Specification, I wonder how we could still say it is "not compliant".

So I say, with defaults or without, you can't force a service to honor DNT;1 until they've sent you an ACK! If we violate this basic principle, I will start to send contracts to all those in favor of the violation of that principle and request that they do what I have written down in the contract.

Is getting a NACK on a DNT;1 the end of the world? No! The browser knows now that the service is not willing to apply DNT;1 rules and can react accordingly. I can show you in Seattle what that potentially can mean. I would e.g. hope that the browser-bundle would start TOR on demand for that situation.

I maintain, nearly every server, except perhaps dedicated tracking servers, has areas where user tracking is part of the necessity to provide the service. We need an NACK for that anyway.

Rigo

On Tuesday 05 June 2012 11:54:28 Justin Brookman wrote:
> The ad net would send back a NACK signal . . . and then what? There
> would be no way to reset the DNT mechanism to say "yes, I really
> mean this" on a persistent basis. Effectively, any "compliant"
> third party will have the ability to refuse to ever acknowledge
> any DNT:1 signal coming from a UA that it unilaterally deems out
> of compliance. There may be some transparency around that
> refusal, but no ability for the user to redeem the faults of the
> UI. And then what would the UA do in this conundrum? Block
> communications to servers that report back that they're ignoring
> its DNT signal? I do not think this is an optimal result.

Received on Tuesday, 5 June 2012 16:30:02 UTC