Re: tracking-ISSUE-147: Transporting Consent via the Exception / DNT mechanisms [Global Considerations]

On May 21, 2012, at 16:17 , Rigo Wenning wrote:

> David, 
> 
> Roy is right in saying that we currently do not define what DNT;0 means. 
> From a US perspective, falling back to the legal default means everything is 
> permitted. Falling back in the EU would probably be as restrictive as DNT;1 
> or even more so. 
> 
> Consequently I think we should add a section to describe things that _at 
> least_ allowed if DNT;0 is sent. This way we do not have to define tracking 
> entirely, but we state that we expect _at least_ that certain things must be 
> permitted and are expected to occur. 
> 
> This would also somewhat resolve the "informed consent" issue Roy was 
> raising. 
> 
> Rigo

OK, got it.

There is still a formal difference between "no header sent, our spec. does not apply" and "dnt:0 sent, our spec. defines what that means"; however, it may not be a practical difference

> On Monday 21 May 2012 14:43:29 David Singer wrote:
>> C: I send DNT:0; I am explicitly stating that I grant you an exception and
>> can track me.
>> 
>> At the moment, after an exception grant by the user, we switch from DNT:1
>> to DNT:0, and so I have no way of saying "I ask everyone else not to
>> track me, but I am not asking you anything."  Instead, we say "I am
>> asking you to comply with the behavior defined for DNT:0" (which might
>> well be different from no header).
>> 
>> Whether this matters or not, I don't know, but we are a little confused,
>> in that the converse of DNT:1 is the absence of a header, not DNT:0, in
>> some cases.

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Monday, 21 May 2012 14:20:42 UTC