- From: イアンフェッティ <ifette@google.com>
- Date: Wed, 13 Jun 2012 07:43:40 -0700
- To: Justin Brookman <justin@cdt.org>
- Cc: "public-tracking@w3.org" <public-tracking@w3.org>
- Message-ID: <CAF4kx8f1TzjXoRTBFcusGeh0B2S5E6G-T7JWVOeyudDGrxxOnQ@mail.gmail.com>
Is there any reason to say a user agent MAY offer a control instead of "A user agent MUST offer a control?" -- I'd personally prefer MUST, and can't imagine any reason for saying "MAY". With MAY you can claim "I never send a DNT signal and I don't offer any controls, therefore I have implemented DNT." Also, the third paragraph seems to apply to intermediaries, not UAs. That said, I think this text is necessary but not sufficient, we may want to say more... i expect we'll get lots of conversation around this :) On Wed, Jun 13, 2012 at 7:26 AM, Justin Brookman <justin@cdt.org> wrote: > Hello, here is draft language for the compliance document on user agent > requirements. The first paragraph is new, the second two are > copied-and-pasted from Section 3 of the current TPE spec. > > Replace 4.2 Intermediary Compliance (empty) with this new section: > > 4.2 User Agent Compliance > > A user agent MAY offer a control to express a tracking preference to third > parties. The control MUST communicate the user's preference in accordance > with the [[Tracking Preference Expression (DNT)]] recommendation and > otherwise comply with that recommendation. A user agent MUST NOT express a > tracking preference for a user unless the user has interacted with the user > agent in such a way as to indicate a tracking preference. > > We do not specify how tracking preference choices are offered to the user > or how the preference is enabled: each implementation is responsible for > determining the user experience by which a tracking preference is enabled. > For example, a user might select a check-box in their user agent's > configuration, install an extension or add-on that is specifically designed > to add a tracking preference expression, or make a choice for privacy that > then implicitly includes a tracking preference (e.g., Privacy settings: > high). Likewise, a user might install or configure a proxy to add the > expression to their own outgoing requests. > > Although some controlled network environments, such as public access > terminals or managed corporate intranets, might impose restrictions on the > use or configuration of installed user agents, such that a user might only > have access to user agents with a predetermined preference enabled, the > user is at least able to choose whether to make use of those user agents. > In contrast, if a user brings their own Web-enabled device to a library or > cafe with wireless Internet access, the expectation will be that their > chosen user agent and personal preferences regarding Web site behavior will > not be altered by the network environment, aside from blanket limitations > on what resources can or cannot be accessed through that network. > Implementations of HTTP that are not under control of the user *must not*express a tracking preference on their behalf. > > -- > Justin Brookman > Director, Consumer Privacy > Center for Democracy & Technology > 1634 I Street NW, Suite 1100 > Washington, DC 20006 > tel 202.407.8812 > fax 202.637.0969justin@cdt.orghttp://www.cdt.org > @CenDemTech > @JustinBrookman > >
Received on Wednesday, 13 June 2012 14:44:16 UTC