- From: イアンフェッティ <ifette@google.com>
- Date: Wed, 13 Jun 2012 14:47:36 -0700
- To: Jonathan Mayer <jmayer@stanford.edu>
- Cc: "Dobbs, Brooks" <brooks.dobbs@kbmg.com>, "public-tracking@w3.org Group WG" <public-tracking@w3.org>
- Message-ID: <CAF4kx8fz5dgS5GhBQjxrmJrmiK6F51p9BOf_p6z4EfmNziLvrA@mail.gmail.com>
We agreed it was directed at third parties, however it seems some people (as we heard on the call today) are trying to turn DNT into something to solve opt-in problems, presumably for first parties as well. I'm trying to figure out how much of hole we're getting dug into :) "No one has managed to figure this out in a deployable manner. Please give us a solution by 1 January 2013" is a bit of a frightening thought :) -Ian On Wed, Jun 13, 2012 at 2:30 PM, Jonathan Mayer <jmayer@stanford.edu> wrote: > The cookie manager widget at http://www.bt.com/ seems passable. > > At any rate, I'm unsure where this line of inquiry is going. We've > already agreed that Do Not Track is directed towards third parties, not > first parties. > > Jonathan > > On Wednesday, June 13, 2012 at 3:18 PM, Dobbs, Brooks wrote: > > Ian, > > I would say that I have seen some sites that are arguably one step closer, > though not truly opt-in. > > If you look at http://www.nectar.com/ you’ll see a similar disclosure to > that on the FT, but with a Cookie Consent link that takes you to a cookie > inventory with a place for the status of each cookie and the purpose of > each cookie. Now while they get points for making a greater effort, I > would say that the final result seems fairly problematic as: 1) though the > site lists 52 cookie issuers, my personal packet sniff showed both that > they included cookies that I didn’t come across (no problem - I didn’t > actually read every page) AND missed cookies that I did come across > (problem) and 2) a number of the 52 cookies issuers where listed as having > “undisclosed” purposes with a specific inability to offer choice. > > So even if they took the particularly consumer annoying step of making the > user go through 52 pop-up, opt-in screens, they still would not be opt-in > compliant. > > Not trying to pick on them, just pointing out that, as you seem to > suggest, we aren’t seeing a lot of (any?) real opt-in compliant websites in > the wild, and that the closer they get, the more troubles they seem to make > for themselves. > > -Brooks > > > On 6/13/12 3:26 PM, "Ian Fette (イアンフェッティ)" <ifette@google.com> wrote: > > Out of curiosity, on today's call two examples of "successful" opt-in > implementations were given. > > 1. was the financial times - http://www.ft.com/home/us. This shows a > popup saying the following: "FT Cookie Policy > We have published a new cookie policy. It explains what cookies are and > how we use them on our site. To learn more about cookies and their > benefits, please view our cookie policy. > > If you'd like to disable cookies on this device, please view our > information pages on 'How to manage cookies'. Please be aware that parts of > the site will not function correctly if you disable cookies. > > By closing this message, you consent to our use of cookies on this device > in accordance with our cookie policy unless you have disabled them." > > Before you even accept anything, I counted 40 cookies being set, including > 18 from Financial Times. FT itself used HTML5 local storage in addition to > the 18 cookies. > > 2. The other was the UK CIO's site -- this seems to be down at the moment. > www.cio.gov.uk <http://www.cio.gov.uk> redirects to some archive page. > Taking another government site as an example, I see 7 cookies including > GUIDs from http://www.cabinetoffice.gov.uk/content/privacy-policy > > So, I'd like to re-raise my question of whether anyone has actually > successfully managed to deploy an opt-in compliant website in the wild... > > -Ian > > > -- > > *Brooks Dobbs, CIPP *| Chief Privacy Officer | *KBM Group* | Part of the > Wunderman Network > (Tel) 678 580 2683 | (Mob) 678 492 1662 | *kbmg.com* > *brooks.dobbs@kbmg.com > > > * > This email – including attachments – may contain confidential information. > If you are not the intended recipient, > do not copy, distribute or act on it. Instead, notify the sender > immediately and delete the message. > > >
Attachments
- image/PNG attachment: image.png
Received on Wednesday, 13 June 2012 21:48:08 UTC