Re: ISSUE-138, ACTION-319, exceptions without javascript

Hi David,

On Nov 5, 2012, at 9:47 AM, David Wainberg <david@networkadvertising.org> wrote:

> On 11/5/12 8:56 AM, Matthias Schunter (Intel Corporation) wrote:
>> ISSUE-138: Web-Wide Exception Well Known URI 
>> http://www.w3.org/2011/tracking-protection/track/issues/138 
>> 
>> Question was how a site without HTML can trigger exceptions (e.g. a tracking pixel). 
>> 
>> Nick has written non-normative text 
>>  https://www.w3.org/2011/tracking-protection/track/actions/319 
>> 
>> Please drop me a line if you do not agree with Nicks text.
> 
> I'm not clear on what this is describing:
> 
> * A third-party could provide transparency about their own data practices in order to persuade users to pre-emptively provide user-granted exceptions. A third-party tracker might use a machine-readable policy (for example, P3P) or some indication of compliance with a self-regulatory program or auditing practice . Users that care to might configure their user agents to grant exceptions (and thus send DNT:0 signals) to trackers with such practices.
> 
> Is this a suggested implementation for UA's to grant exceptions based on p3p or on participation in self-reg programs?

I was trying to get at the more general point that a user might configure their browser to send DNT:0 to a set of domains or resources based on some other signal besides a JavaScript-initiated exception request. This text isn't meant to recommend any particular UA implementation (this is non-normative text), but to note the possibility of UAs that granted exceptions based on the presence of a particular P3P policy, an indication of participation in an industry self-regulatory program, or some other insight into the relevant data handling practices.

Happy to accept a suggestion of clearer text on this point, or to explain further.
Thanks,
Nick

Received on Wednesday, 7 November 2012 06:48:37 UTC