Re: ISSUE-4 and clarity regarding browser defaults

Hi David,

On 6/19/2012 7:46 PM, David Singer wrote:
> Indeed, we had a compromise here:
>
> * there may be some User Agents that are specifically made and 
> marketed as being privacy-enhancing, and they could indeed have a 
> default (and maybe they use Tor, reduce fingerprinting, and so on)
> * there may be some Sites that are specifically for the purpose of 
> tracking ('TrackMyReading.com') where signing up for the site implies 
> out-of-band permission to track.
>
> General-purpose UAs cannot claim to be the first; and general-purpose 
> sites cannot claim to be the second.  They both need to take extra 
> steps (to allow the user to turn on DNT, or to ask the user for an 
> exception).
>
> This is a balance, and a compromise; if we discard one, we should 
> discard the other.  The text currently in the TPE I believe respects 
> both.  We should probably critique what is actually written...

What restrictions does the current spec place on out of band consent? I 
thought it was largely left to server discretion, so the server might 
accept notice buried in its linked TOU coupled with minimal interaction 
as out-of-band permission regardless of whether 'site.com' is 
self-evidently a tracking site or not.

I personally do not have a problem with implying consent in cases where 
tracking is self-evident from the nature of the service.


Best regards,
Tamir

Received on Thursday, 21 June 2012 03:34:40 UTC