tracking-ISSUE-129: Site-specific Exceptions a) Blanket Exceptions (mysite, any-third party) [refining ISSUE-111] [Tracking Preference Expression (DNT)] from Tracking Protection Working Group Issue Tracker on 2012-03-26 (public-tracking@w3.org from March 2012)

From: Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Mon, 26 Mar 2012 15:58:03 +0000
To: public-tracking@w3.org
Message-Id: <E1SCCJ1-0000X8-JM@tibor.w3.org>

tracking-ISSUE-129: Site-specific Exceptions a) Blanket Exceptions (mysite, any-third party) [refining ISSUE-111] [Tracking Preference Expression (DNT)]

http://www.w3.org/2011/tracking-protection/track/issues/129

Raised by: Matthias Schunter
On product: Tracking Preference Expression (DNT)

This issue focuses the discussion whether a blanket exception of the type ("*" at "firstparty") should be possible.

SCENARIO/use case:
- User visits a site with DNT;1; by default, third parties fall under the 
    constraints for third parties 
- Site needs certain (maybe unknown) list of its third parties to function properly
- Site asks user to provide a site-specific exception to allow all (aka "*") used third parties to be exempted from the constraints for third parties

QUESTIONS:
a) Should this functione exist in the Javascript API / Should this be possible?
b) How can individuals find out what third parties are actual in use on a site
   after OK-ing the "*"
c) Is this permissible under EU law?


ARGUMENTATION
Pro:
- Many sites do not know their third parties
- Easier for individuals / better usability
- Lower cost to implement for sites (in particular
   if they do not know all third parties)

Contra:
- Privacy concern: Users loose control
- Privacy concern: After saying yes to "*", users may unable to find out 
   actual sites
- Privacy concern: No incentive to minimize the number of third parties

ALTERNATIVE WAYS
- Are there different alternatives?

Received on Monday, 26 March 2012 15:58:08 UTC