Re: ACTION-212: Draft text on how user agents must obtain consent to turn on a DNT signal

On Oct 31, 2012, at 2:32 PM, John Simpson wrote:

> Not to imply that I agree that a server can ignore a facially valid DNT message, however the WG comes on this, I'd say if server plans to disregard DNT it MUST notify the UA.

Please understand that it is necessary, for the survival of the Web,
that a server have the ability to disregard protocol elements that do not
adhere to their assigned semantics.  It is one of the very few aspects
of the Web that allow it to survive the tragedy of the commons.
I cannot emphasize enough that this principle is far more important
than anything the W3C has worked on, including DNT.

If automated transparency is desired, then the solution is to provide
a means for the server to say that it won't comply with an invalid signal.
In order for that to be required, it must be a mechanism usable
by servers that have no direct access to the GUI, including redirect
handlers and beacons, which means it must be in the tracking status
value.

If no protocol mechanism is provided, then it is likely that users
will be notified via the privacy policy, assuming that the server
adheres to any DNT signals.

....Roy

Received on Thursday, 1 November 2012 22:32:56 UTC