Re: ACTION-212: Draft text on how user agents must obtain consent to turn on a DNT signal

On 11/13/12 7:35 PM, David Wainberg wrote:
> Hi Jeff,
> I don't follow your statement that this would rob users of effective
> privacy tools. It merely ensures that DNT signals reflect users'
> deliberate choices, and that users are provided information about the
> effects of their choices. I don't see why that should be controversial.

Dear David,

One doesn't have to look too far ahead to see practical problems with
such an approach.

For example, Yoyodyne Corporation a fictitious UA developer adapts
Firefox and calls it Stalkerfree Browser, with all sorts of privacy
settings on maximum, and advertises it as such. A user that chooses that
UA does not have to be bothered with a pop-up explaining what he or she
is about to do. For a browser like that DNT:1 is an expectation of the
user already.

Less fictitious, all the major UAs nowadays have a "privacy" or
"incognito" mode. Again, it will be a user expectation that DNT:1 will
be set, even when the normal setting is DNT:0. By invoking the privacy
mode, the user expresses its intention to have DNT:1 set.

In either case it is counterproductive to nag the user with questions
and texts such as proposed.

The furthest I am willing to go is that UAs should take reasonable steps
to ensure that either DNT setting (1 or 0) are expressions of informed
(non-)consent. Having non-normative texts in addition that explains that
the best practice in this regard would be to have DNT:unset as a default
while having user interact through dialog windows that explain that
alleviated privacy settings may affect the browsing experience when
changing this setting.



Received on Tuesday, 13 November 2012 19:40:08 UTC