- From: Alan Chapell <achapell@chapellassociates.com>
- Date: Mon, 18 Jun 2012 12:17:05 -0400
- To: Jonathan Mayer <jmayer@stanford.edu>, Jeffrey Chester <jeff@democraticmedia.org>
- CC: Mike Zaneis <mike@iab.net>, Shane Wiley <wileys@yahoo-inc.com>, Tamir Israel <tisrael@cippic.ca>, Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" <public-tracking@w3.org>, "rob@blaeu.com" <rob@blaeu.com>, Kimon Zorbas <vp@iabeurope.eu>, "ifette@google.com" <ifette@google.com>, "JC Cannon (Microsoft)" <jccannon@microsoft.com>
- Message-ID: <CC04CBFF.1C756%achapell@chapellassociates.com>
I have no issue with your personality. My issue is with your tactics. Assuming you can cease utilizing tactics that seem unproductive at best, then I think you will see fewer emails directed at you; criticizing those tactics. This will be my last note on this matter I'm hopeful and optimistic that we can move forward productively from hereŠ. Alan From: Jonathan Mayer <jmayer@stanford.edu> Date: Monday, June 18, 2012 12:08 PM To: Jeffrey Chester <jeff@democraticmedia.org> Cc: Alan Chapell <achapell@chapellassociates.com>, Mike Zaneis <mike@iab.net>, Shane Wiley <wileys@yahoo-inc.com>, Tamir Israel <tisrael@cippic.ca>, Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" <public-tracking@w3.org>, "rob@blaeu.com" <rob@blaeu.com>, Kimon Zorbas <vp@iabeurope.eu>, "ifette@google.com" <ifette@google.com>, "JC Cannon (Microsoft)" <jccannon@microsoft.com> Subject: Re: Identity providers as first parties This thread has devolved into a Fox News-esque referendum on my personality. It's both a distraction and ineffectual‹those who have collaborated with me over the past year know I'm a tireless, tough-but-fair negotiator. Enough. Back to substance. Jonathan On Monday, June 18, 2012 at 5:33 AM, Jeffrey Chester wrote: > > Jonathan has played an extraordinary productive role, with insights, urging > compromise (when people like me looked with dismay about the lack of progress > in achieving real privacy safeguards so far), and leadership. As I have > explained to officials, we have not yet seen serious compromise from industry > to ensure DNT is a spec that protects privacy. Jonathan wants us to all do > better, as do I. We all know--or should--that what we are doing is being > closely watched on both sides of the Atlantic by the press and policymakers. > It would be a serious loss if we don't make progress in Seattle. > > Jeff Chester > Center for Digital Democracy > Washington DC > www.democraticmedia.org <http://www.democraticmedia.org> > Jeff@democraticmedia.org > > On Jun 18, 2012, at 5:19 AM, Alan Chapell <achapell@chapellassociates.com> > wrote: > >> Jonathan, >> >> Taking you at your word that your goal is to attain consensus, I would humbly >> suggest that the tactics you are using particularly over the past several >> weeks seem at odds with that goal. I'm hopeful that your latest email is an >> indication that we'll see more compromise and fewer juvenile barbs when we >> arrive in Bellevue. >> >> And for the record, as someone from industry I strongly favor the proposal >> proffered by Shane et al. >> >> Cheers, >> >> Alan Chapell >> Chapell & Associates >> 917 318 8440 >> >> >> From: Jonathan Mayer <jmayer@stanford.edu> >> Date: Monday, June 18, 2012 2:06 AM >> To: Mike Zaneis <mike@iab.net> >> Cc: Shane Wiley <wileys@yahoo-inc.com>, Tamir Israel <tisrael@cippic.ca>, >> Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" >> <public-tracking@w3.org>, "rob@blaeu.com" <rob@blaeu.com>, Kimon Zorbas >> <vp@iabeurope.eu>, "ifette@google.com" <ifette@google.com>, "JC Cannon >> (Microsoft)" <jccannon@microsoft.com> >> Subject: Re: Identity providers as first parties >> Resent-From: <public-tracking@w3.org> >> Resent-Date: Mon, 18 Jun 2012 06:07:15 +0000 >> >> >> Shane and Mike, >> >> As the Bellevue meeting approaches, this group's sole focus must be attaining >> consensus on a moderate compromise. I'm doing everything I can to facilitate >> that goal. I have neither the time nor patience to swap puerile barbs for >> cheap political points. There's far too much at stake. >> >> Jonathan >> >> >> On Sunday, June 17, 2012 at 6:58 PM, Mike Zaneis wrote: >>> >>> >>> Jonathan, >>> >>> Can you please elaborate on these very serious claims you have made in back >>> to back posts? First, you attack two of the most engaged, productive >>> members of the working group (Shane and Roy who are both editors) and claim >>> they do not speak for the online advertising industry, yet you did not point >>> to any companies or public statements of support for your position. As >>> someone who DOES speak for the industry, I know that Shane and Roy raise >>> issues that THE industry shares. Please provide substantiation for your >>> claims. >>> >>> As for the unfair competition claims, that is laughable. The only legal >>> claim we should be discussing is one of liable for such ridiculous >>> statements. >>> >>> Mike Zaneis >>> SVP & General Counsel, IAB >>> (202) 253-1466 >>> >>> On Jun 17, 2012, at 5:52 PM, "Jonathan Mayer" <jmayer@stanford.edu> wrote: >>> >>>> Shane, >>>> >>>> As I explained in my initial note: >>>>> We have received valuable feedback from a number of participant >>>>> viewpoints, including browser vendors, advertising companies, analytics >>>>> services, social networks, policymakers, consumer groups, and researchers. >>>>> Out of respect for the candid nature of those ongoing conversations, we >>>>> leave it to stakeholders to volunteer their contributions to and views on >>>>> this proposal. >>>> I would add that more than one advertising company expressed concern about >>>> possible retaliation if they broke away from the industry trade groups. >>>> I'll leave it to regulators to decide if the industry's practices >>>> constitute unfair competition. >>>> >>>> Jonathan >>>> >>>> >>>> On Sunday, June 17, 2012 at 1:51 PM, Shane Wiley wrote: >>>>> >>>>> Jonathan, >>>>> >>>>> >>>>> >>>>> Continue to disagree (on many levels). Could you please name those in the >>>>> online advertising industry that are supportive of the proposal you shared >>>>> with the WG? >>>>> >>>>> >>>>> >>>>> Thank you, >>>>> >>>>> - Shane >>>>> >>>>> >>>>> >>>>> From: Jonathan Mayer [ <mailto:jmayer@stanford.edu> >>>>> mailto:jmayer@stanford.edu] >>>>> Sent: Sunday, June 17, 2012 1:42 PM >>>>> To: Shane Wiley >>>>> Cc: Tamir Israel; Rigo Wenning; <mailto:public-tracking@w3.org> >>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>> (Microsoft) >>>>> Subject: Re: Identity providers as first parties >>>>> >>>>> >>>>> >>>>> Shane, >>>>> >>>>> >>>>> >>>>> You and Roy have been vocal in your objections to the EFF/Mozilla/Stanford >>>>> compromise proposal. I'm disappointed, though given your inflexibility >>>>> throughout this process, entirely unsurprised. >>>>> >>>>> >>>>> >>>>> That said, you do not speak for the online advertising industry. Many >>>>> companies have been more willing to countenance constructive compromise. >>>>> Your conclusion that advertising industry participants have "mostly >>>>> rejected" the proposal is inaccurate. >>>>> >>>>> >>>>> >>>>> Jonathan >>>>> >>>>> On Sunday, June 17, 2012 at 12:26 PM, Shane Wiley wrote: >>>>>> >>>>>> Tamir, >>>>>> >>>>>> >>>>>> >>>>>> Jonathan's proposal does attempt to address this point but many in the >>>>>> room feel this should be left to local law. Justin Brookman and I took a >>>>>> pass at this language but it shifted to becoming overly prescriptive >>>>>> (legislating via tech standard) so many in the WG asked for local law to >>>>>> determine. >>>>>> >>>>>> >>>>>> >>>>>> I would suggest this conversation be extracted from Jonathan's proposal >>>>>> to be handled separately as the rest of proposal has been mostly rejected >>>>>> by those in the WG that are intended to implement DNT in the real-world >>>>>> (on the 1st party/3rd party side). >>>>>> >>>>>> >>>>>> >>>>>> More to come in Seattle... >>>>>> >>>>>> >>>>>> >>>>>> - Shane >>>>>> >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> >>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> mailto:tisrael@cippic.ca] >>>>>> >>>>>> Sent: Sunday, June 17, 2012 12:19 PM >>>>>> >>>>>> To: Shane Wiley >>>>>> >>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>> (Microsoft) >>>>>> >>>>>> Subject: Re: Identity providers as first parties >>>>>> >>>>>> >>>>>> >>>>>> Shane -- I am not remotely attempting doing so. >>>>>> >>>>>> >>>>>> >>>>>> As far back as I can see, the spec was going to put conditions on the >>>>>> >>>>>> means by which out of band consent can be sought. >>>>>> >>>>>> >>>>>> >>>>>> Jonathan et al's proposal is: >>>>>> >>>>>> >>>>>> >>>>>> 1. Actual presentation: The choice mechanism MUST be actually presented >>>>>> >>>>>> to the user. It MUST NOT be on a linked page, such as a terms of service >>>>>> >>>>>> or privacy policy. >>>>>> >>>>>> 2. Clear terms: The choice mechanism MUST use clear, non-confusing >>>>>> >>>>>> terminology. >>>>>> >>>>>> 3. Independent choice: The choice mechanism MUST be presented >>>>>> >>>>>> independent of other choices. It MUST NOT be bundled with other user >>>>>> >>>>>> preferences. >>>>>> >>>>>> 4. No default permission: The choice mechanism MUST NOT have the user >>>>>> >>>>>> permission preference selected by default. >>>>>> >>>>>> >>>>>> >>>>>> On 6/17/2012 3:16 PM, Shane Wiley wrote: >>>>>>> >>>>>>> Tamir, >>>>>>> >>>>>>> >>>>>>> >>>>>>> That's up to local laws to determine. Please do not attempt to legislate >>>>>>> via W3C tech standard. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Sunday, June 17, 2012 12:14 PM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane -- Out of band consent *does* trump DNT-1. We are now trying to >>>>>>> >>>>>>> define the parameters by which out of band consent can be sought. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/17/2012 3:11 PM, Shane Wiley wrote: >>>>>>> >>>>>>> Tamir, >>>>>>> >>>>>>> >>>>>>> >>>>>>> Out-of-band consent trumps DNT. We've been repeating this mantra for >>>>>>> over a year now - becoming repetitive. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Saturday, June 16, 2012 5:23 PM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane -- >>>>>>> >>>>>>> >>>>>>> >>>>>>> Just so we're really clear: if a user authenticates with Yahoo! on site >>>>>>> >>>>>>> A and controls preferences on that site, does the out of band consent >>>>>>> >>>>>>> dialogue Jonathan showed invalidate DNT-1: on site A? in general? >>>>>>> >>>>>>> >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 11:29 PM, Tamir Israel wrote: >>>>>>> >>>>>>> Ok. >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 2:07 PM, Shane Wiley wrote: >>>>>>> >>>>>>> DAA Opt-out and single-sign on are not related. There are some >>>>>>> >>>>>>> implementations where the ID is needed beyond the authentication >>>>>>> >>>>>>> event and therefore data collection occurs outside of the initial >>>>>>> >>>>>>> authentication event. Users do NOT need to choose Yahoo! as their ID >>>>>>> >>>>>>> provider if they feel uncomfortable with that outcome. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Friday, June 15, 2012 10:56 AM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane, >>>>>>> >>>>>>> >>>>>>> >>>>>>> Maybe we are getting sidetracked. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Can you please explain the scope of tracking that results from using >>>>>>> >>>>>>> Yahoo!'s IdM mechanism? Does it mean you can track all my activities on >>>>>>> >>>>>>> the specific authenticated site? If so does this carry across multiple >>>>>>> >>>>>>> explicitly authenticated sites? Does it operate in a manner analogous to >>>>>>> >>>>>>> single sign-on? How does it interact with the existing DAA opt-out? >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thanks and best regards, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 11:28 AM, Shane Wiley wrote: >>>>>>> >>>>>>> Tamir, >>>>>>> >>>>>>> >>>>>>> >>>>>>> Any service gets to determine its own primary purpose - so if OBA is >>>>>>> >>>>>>> the payment for the service and this is disclosed as a primary >>>>>>> >>>>>>> purpose, then that's the bargain the users can choose to consent to >>>>>>> >>>>>>> or not. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Friday, June 15, 2012 8:21 AM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane -- >>>>>>> >>>>>>> >>>>>>> >>>>>>> There are 2 questions here. One is whether you can bundle in the >>>>>>> >>>>>>> obligation to consent to secondary purposes as a condition of >>>>>>> >>>>>>> authentication in an IdM context. The primary service in an IdM context >>>>>>> >>>>>>> is authentication, not OBA. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The second is to what extent the DNT spec should address this. I took >>>>>>> >>>>>>> the 'independent choice' out of band consent criteria as an attempt to >>>>>>> >>>>>>> prevent bundling of choices. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 11:06 AM, Shane Wiley wrote: >>>>>>> >>>>>>> Tamir, >>>>>>> >>>>>>> >>>>>>> >>>>>>> But in the use case we're discussing the service being provided is >>>>>>> >>>>>>> the primary purpose - a user's online identity. A service >>>>>>> >>>>>>> determines its primary purpose, discloses this to the user, user >>>>>>> >>>>>>> consents. Case closed. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Friday, June 15, 2012 8:02 AM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane, I disagree. Under PIPEDA you should offer users the possibility >>>>>>> >>>>>>> of opting out of collection, use or disclosure for purposes >>>>>>> >>>>>>> secondary to >>>>>>> >>>>>>> the primary service being offered. >>>>>>> >>>>>>> >>>>>>> >>>>>>> This is the basis of the opt-out consent scheme being applied to >>>>>>> >>>>>>> online >>>>>>> >>>>>>> tracking. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 10:58 AM, Shane Wiley wrote: >>>>>>> >>>>>>> Tamir, >>>>>>> >>>>>>> >>>>>>> >>>>>>> I disagree and PIPEDA does as well. As long as you're clear to a >>>>>>> >>>>>>> user what a service provides and a user expressly consents to >>>>>>> >>>>>>> those practices, the discussion is over. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Please don't try to raise CA regulatory schemes into conversations >>>>>>> >>>>>>> on one hand then completely reverse your stance at whim - this >>>>>>> >>>>>>> seriously undermines your credibility. >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Tamir Israel [ <mailto:tisrael@cippic.ca> >>>>>>> mailto:tisrael@cippic.ca] >>>>>>> >>>>>>> Sent: Friday, June 15, 2012 7:54 AM >>>>>>> >>>>>>> To: Shane Wiley >>>>>>> >>>>>>> Cc: Rigo Wenning; <mailto:public-tracking@w3.org> >>>>>>> public-tracking@w3.org; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon >>>>>>> >>>>>>> Zorbas; <mailto:ifette@google.com> ifette@google.com; JC Cannon >>>>>>> (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane -- >>>>>>> >>>>>>> >>>>>>> >>>>>>> The need for independent choice is critical, I think, to the out >>>>>>> >>>>>>> of band >>>>>>> >>>>>>> consent scheme. You shouldn't be able to force users out of their DNT >>>>>>> >>>>>>> choices as a condition of authentication. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Tamir >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 6/15/2012 10:48 AM, Shane Wiley wrote: >>>>>>> >>>>>>> Rigo, >>>>>>> >>>>>>> >>>>>>> >>>>>>> DNT will NEVER trump an out-of-band consent. The user would >>>>>>> >>>>>>> simply withdraw from using the service they had provided prior >>>>>>> >>>>>>> consent to. If the product would like to offer two levels of >>>>>>> >>>>>>> service, it can of course do that, but that would be completely >>>>>>> >>>>>>> outside the scope of DNT. >>>>>>> >>>>>>> >>>>>>> >>>>>>> DNT is not the privacy silver bullet and answer to all privacy >>>>>>> >>>>>>> issues on the Internet - let's stop trying to push it in that >>>>>>> >>>>>>> direction. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thank you, >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> >>>>>>> From: Rigo Wenning [ <mailto:rigo@w3.org> mailto:rigo@w3.org] >>>>>>> >>>>>>> Sent: Friday, June 15, 2012 1:28 AM >>>>>>> >>>>>>> To: <mailto:public-tracking@w3.org> public-tracking@w3.org >>>>>>> >>>>>>> Cc: Shane Wiley; <mailto:rob@blaeu.com> rob@blaeu.com; Kimon Zorbas; >>>>>>> <mailto:ifette@google.com> ifette@google.com; >>>>>>> >>>>>>> Tamir Israel; JC Cannon (Microsoft) >>>>>>> >>>>>>> Subject: Re: Identity providers as first parties >>>>>>> >>>>>>> >>>>>>> >>>>>>> Shane, Kimon, >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Thursday 14 June 2012 16:47:03 Shane Wiley wrote: >>>>>>> >>>>>>> Iıve used a few others and they appears to do the same so Iım >>>>>>> >>>>>>> confused as to what real-world identity provider scenario someone >>>>>>> >>>>>>> is considering where consent wasnıt already obtained? >>>>>>> >>>>>>> I confirm that we agreed that the out-of-band agreement will trump >>>>>>> >>>>>>> the DNT:1 signal. We also agreed that the service has to signal this >>>>>>> >>>>>>> to the client. >>>>>>> >>>>>>> >>>>>>> >>>>>>> I guess, what Rob is trying to achieve is to say, even in this >>>>>>> >>>>>>> context, a service could offer the choice of stopping to track and >>>>>>> >>>>>>> only use information for the login/authentication purpose. This >>>>>>> >>>>>>> could be the meaning of DNT:1 if the Service sends ACK in a >>>>>>> >>>>>>> login/authentication context. If you're looking for medical >>>>>>> >>>>>>> information in a login context, you don't want your login provider >>>>>>> >>>>>>> to spawn that to your insurance. I think this is a very legitimate >>>>>>> >>>>>>> use case. The service could say: "yes, I see your point" and send >>>>>>> >>>>>>> ACK instead of "out-of-band". >>>>>>> >>>>>>> >>>>>>> >>>>>>> We are just defining switches. People will decide whether they >>>>>>> >>>>>>> switch stuff on or off or provide a switch at all. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Rigo >>>>> >>>>> >>>> >>>> >>> >> >> >
Received on Monday, 18 June 2012 16:17:59 UTC