W3C home > Mailing lists > Public > public-tracking@w3.org > May 2012

Re: tracking-ISSUE-147: Transporting Consent via the Exception / DNT mechanisms [Global Considerations]

From: David Singer <singer@apple.com>
Date: Mon, 21 May 2012 14:43:29 +0200
Cc: Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-id: <869564EE-F4A7-4378-8D03-BCF7DAB357C4@apple.com>
To: "Roy T. Fielding" <fielding@gbiv.com>

On May 15, 2012, at 19:58 , Roy T. Fielding wrote:

> On May 15, 2012, at 12:56 AM, Rigo Wenning wrote:
>> This is not true. If the origin server has received a DNT;0 header, we also 
>> assume that the user has given his/her consent to be tracked. This goes way 
>> beyond what would be the situation without header. 
> Consent to be tracked means data about their activity can be
> collected.  That does not say how it can be used.  The EU regulations,
> individual state regulations, and proposed US policies all require
> that the consent be contextual/informed (the user knows why it is
> being requested and how the data will be used) and that any use or
> sharing outside of the established consent/context requires an
> additional consent.

I think I am with Rigo here.  There are three possible states:

A: I send DNT:1; I am explicitly asking not to be tracked;

B: I do not send a DNT header at all; whatever regulations, practices etc. that apply in the absence of DNT, apply here; probably, some tracking can occur;

C: I send DNT:0; I am explicitly stating that I grant you an exception and can track me.

At the moment, after an exception grant by the user, we switch from DNT:1 to DNT:0, and so I have no way of saying "I ask everyone else not to track me, but I am not asking you anything."  Instead, we say "I am asking you to comply with the behavior defined for DNT:0" (which might well be different from no header).

Whether this matters or not, I don't know, but we are a little confused, in that the converse of DNT:1 is the absence of a header, not DNT:0, in some cases.

David Singer
Multimedia and Software Standards, Apple Inc.
Received on Monday, 21 May 2012 12:44:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:42 UTC