Re: Tracking Preference Expression Spec Suggestion from Matthias Schunter on 2012-05-14 (public-tracking@w3.org from May 2012)

From: Matthias Schunter <mts-std@schunter.org>
Date: Mon, 14 May 2012 14:34:33 +0200
To: David Singer <singer@apple.com>
CC: Andy K <akahl@evidon.com>, Nicholas Doty <npdoty@w3.org>, public-tracking@w3.org, Colin O'Malley <colin@evidon.com>
Message-ID: <4FB0FBD9.4020107@schunter.org>
Hi!

I read Andy's mails as asking to allow per-site decisions instead of
global on/off preferences.

I believe that this is a good idea and I suggest to change the
non-normative language in Section 3 by adding:
 "Note that the scoping of preferences is left to the user agents. A
user agent may choose when and how to collect preference.
  E.g., one user agent may ask for a global preference at install-time
while another may ask for individual sites."

Andy: Would this satisfy your input?


Regards,
matthias


On 17/04/2012 02:12, David Singer wrote:
> Andy
>
> do you have specific suggested edits, or suggested edits in specific
> places, that you think would help clarify this?
>
> On Apr 16, 2012, at 21:40 , Andy K wrote:
>
>> The latter, and if it's in there, I missed it... so I'd argue it
>> isn't anywhere nearly as precisely expressed as the former case,
>> which is discussed at length.
>>
>> The concern is that the spec as written has focuses directly on the
>> inital act of a user's browser-wide, every-call decision. This is
>> less likely (in my estimation) to be enacted by a user than a 
>> opt-out choice delivered at the time of transaction. At the very
>> least, the latter should be considered as potentially beneficial, and
>> I'd like to see the spec reflect directly that in addition to DNT:1
>> excepted to DNT:0 in some cases, it is advisable to build a mechanism
>> for DNT:no prefrence excepted to DNT:1.
>>
>> /ak
>>
>> *Andy Kahl*
>> Senior Product Manager
>> <image002.png>
>> c. 408.931.0573
>> andy@evidon.com <mailto:andy@evidon.com>
>> http://www.evidon.com <http://www.evidon.com/>
>> twitter: @evidon 
>> facebook/EvidonInc
>>
>>
>>
>> On Mon, Apr 16, 2012 at 12:06 AM, Nicholas Doty <npdoty@w3.org
>> <mailto:npdoty@w3.org>> wrote:
>>
>>     Hi Andy,
>>
>>     Thanks for the note. I'm not entirely sure I understand the
>>     suggestion: is the idea that the header mechanism could be used
>>     to send DNT:0 to certain sites (even when Do Not Track was not
>>     broadly enabled) to indicate consent for tracking? I believe that
>>     possibility is covered in part by "6.6 Exceptions without a DNT
>>     header" http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#exceptions-when-not-enabled
>>
>>     Or are you thinking of the opposite situation: that a user might
>>     not have expressed a general Do Not Track preference for all
>>     their web browsing, but still want to send DNT:1 in some
>>     situations? I believe that's also compatible with the current
>>     text of the specification, but maybe that isn't clear to readers
>>     (or perhaps others in the Working Group even disagree).
>>
>>     Thanks,
>>     Nick
>>
>>     On Apr 12, 2012, at 12:46 PM, Andy K wrote:
>>
>>>     Hello all - Andy Kahl, product manager with Evidon here. I've
>>>     been following the progress of the Tracking Protection
>>>     Expression specification closely, and let me thank the group
>>>     from the start for the quality work you've done.
>>>
>>>     I have a suggestion that relates to section 6 (working from the
>>>     2012-03-13 working draft), titled Site-specific Exceptions. This
>>>     section generally deals with the notion that the DNT preference
>>>     has been enabled in a browser and an exception should be made -
>>>     that is - DNT is set to 1 by policy but should be set to 0 in a
>>>     specific case.
>>>
>>>     However, there is no opposite exception discussed - that is - if
>>>     no previous DNT preference has been expressed, but a user would
>>>     like to send a DNT expression to a specific site/domain. I
>>>     propose that this notion of DNT inclusion (rather than
>>>     exception), available whether or not they've made prior
>>>     user-agent policy decisions,  be captured in the document. This
>>>     woud enable (and encourage) context-based solutions like the
>>>     platform Evidon provides to adopt the DNT header along with
>>>     current cookie-based opt-outs, without relying on the user to
>>>     make a top-level browser configuration decision about DNT.
>>>
>>>     It appears that many of the lower-level implementation questions
>>>     around a concept like this are left to those who would execute
>>>     (that is, the browser manufacturers), so I'll refrain from
>>>     making those kinds of suggestions here. Please let me know if
>>>     more detail along those lines is appropriate.
>>>
>>>     Thanks again for your hard work, and in advance for your
>>>     consideration.
>>>
>>>     /ak
>>>
>>>     *Andy Kahl*
>>>     Senior Product Manager
>>>     <image002.png>
>>>     c. 408.931.0573
>>>     andy@evidon.com <mailto:andy@evidon.com>
>>>     http://www.evidon.com <http://www.evidon.com/>
>>>     twitter: @evidon 
>>>     facebook/EvidonInc
>>>
>>
>>
>
> David Singer
> Multimedia and Software Standards, Apple Inc.
>
Received on Monday, 14 May 2012 12:35:02 UTC