- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Fri, 2 Nov 2012 02:29:21 -0700
- To: John Simpson <john@consumerwatchdog.org>
- Cc: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
On Nov 1, 2012, at 4:10 PM, John Simpson wrote: > On Nov 1, 2012, at 3:32 PM, Roy T. Fielding wrote: >> If automated transparency is desired, then the solution is to provide >> a means for the server to say that it won't comply with an invalid signal. >> In order for that to be required, it must be a mechanism usable >> by servers that have no direct access to the GUI, including redirect >> handlers and beacons, which means it must be in the tracking status >> value. > Is there a problem with it being in the tracking status value? I am not aware of any problem -- I was just trying to describe all options. >> If no protocol mechanism is provided, then it is likely that users >> will be notified via the privacy policy, assuming that the server >> adheres to any DNT signals. > > A privacy policy that is rarely read by anyone doesn't seem to be an adequate means of notification. Yes, it would not be my first choice. A third party that is supplying page content could notify the user directly. ....Roy
Received on Friday, 2 November 2012 09:29:48 UTC