RE: JS Exception API

I certainly do not argue against the value of this information.  I simply think the cost to acquire this information will far outweigh the benefit.

-----Original Message-----
From: TOUBIANA, VINCENT (VINCENT) [mailto:Vincent.Toubiana@alcatel-lucent.com] 
Sent: Wednesday, March 07, 2012 3:47 AM
To: Kevin Smith; Nicholas Doty; Andy Zeigler
Cc: Tom Lowenthal; public-tracking@w3.org
Subject: RE: JS Exception API

I believe a fine grained mechanism could also help 1st parties to know which 3rd parties are not trusted by users. If a single 3rd party is "blacklisted" by many users (I assume the 1st party would be notified by the callback) that would raise a red flag and the 1st party may then investigate why this 3rd party is not trusted.

Vincent 

-----Message d'origine-----
De : Kevin Smith [mailto:kevsmith@adobe.com] Envoyé : mercredi 7 mars 2012 01:55 À : Nicholas Doty; Andy Zeigler Cc : Tom Lowenthal; public-tracking@w3.org Objet : RE: JS Exception API

A 1st party often may not even know the 3rd parties needed to monetize a specific page due to things such as 3rd party chains and tag managers.  They may know what 3rd parties they use across the entire 1st party, but not necessarily for a single page or section of their site.  So the list could be total site wide exceptions rather than just for that page (this would also reduce the # of requests to the user), but tag managers would have to be able to edit that list of 3rd parties if they were to continue to provide much value.

Nick, I would be very interested to know if the publishers that are interested in per 3rd party exceptions have thought through the custom implementations they would have to do.  From a pure business case it makes sense.  It's not until you do a cost/benefit analysis that it starts breaking down.

-----Original Message-----
From: Nicholas Doty [mailto:npdoty@w3.org]
Sent: Tuesday, March 06, 2012 5:22 PM
To: Andy Zeigler
Cc: Kevin Smith; Tom Lowenthal; public-tracking@w3.org
Subject: Re: JS Exception API

On Mar 6, 2012, at 3:32 PM, Andy Zeigler wrote:

> If it isn't feasible for 1st-parties to know which 3rd-parties will render on their site, then websites will just use "*". 

A 1st-party may not know which 3rd-parties will render on their site but still know which 3rd-parties on its site it needs a tracking exception for in order to make a monetization decision. For example, a lot of sites install social widgets and (I expect) don't require that those social widgets track the user in order to monetize their content. They could request a list of their analytics and advertising trackers they need for monetization purposes and a user could continue sending DNT:1 to the social networking widgets on the page.

> If sites only use "*", then I agree with you that it makes sense to scrap the per-3rd-party affordance altogether, as it has the side effect of massively simplifying implementations, *and* it solves the "DNT value accessibility from Javascript" issue. In other words, there would only be one possible DNT value per DOM, which means that any 3rd-party script will get the correct value. 

I agree that we can use implementation experience to help guide us here. If no site ever uses anything but "*", then there would evidently be no use for that parameter. I'm not sure that's the case given what we've heard from publishers, but I'm very interested to hear more input there.

Thanks,
Nick

Received on Thursday, 8 March 2012 18:26:04 UTC