- From: David Wainberg <david@networkadvertising.org>
- Date: Mon, 29 Oct 2012 15:13:00 -0400
- To: Lauren Gelman <gelman@blurryedge.com>
- CC: Shane Wiley <wileys@yahoo-inc.com>, John Simpson <john@consumerwatchdog.org>, "public-tracking@w3.org" <public-tracking@w3.org>
- Message-ID: <508ED53C.5070105@networkadvertising.org>
Lauren, that is a possible token. As explained in the top post on this thread (http://lists.w3.org/Archives/Public/public-tracking/2012Oct/0154.html) this will, in a fully transparent way, accommodate the variation we will necessarily see in the way companies are able to honor DNT. On 10/29/12 2:55 PM, Lauren Gelman wrote: > > Does that mean a US/DAA "token" is permitted under the language? > > Lauren Gelman > BlurryEdge Strategies > 415-627-8512 > > On Oct 29, 2012, at 11:46 AM, David Wainberg wrote: > >> Hi Lauren, >> >> I think in general I think it will be hard for companies to speculate >> whether or how they'll honor DNT before the specs are done. Once >> there are defined standards, then companies will be able to determine >> what is applicable for their business. >> >> -David >> >> On 10/29/12 2:30 PM, Lauren Gelman wrote: >>> Shane. Does this permit a US/DAA "token" and would Yahoo use that >>> one or the W3C one this group is developing? >>> >>> Lauren Gelman >>> BlurryEdge Strategies >>> 415-627-8512 >>> >>> On Oct 29, 2012, at 11:13 AM, Shane Wiley wrote: >>> >>>> John, >>>> This is still a single specification but provides for regional >>>> variance in communicating the user which policy their DNT will be >>>> honored under. W3C is still a valid response but this would allow >>>> E/DAA to be a valid response as well. >>>> - Shane >>>> From: John Simpson [mailto:john@consumerwatchdog.org] >>>> Sent: Monday, October 29, 2012 2:05 PM >>>> To: David Wainberg >>>> Cc: public-tracking@w3.org <mailto:public-tracking@w3.org> >>>> Subject: Re: ISSUE-45 ACTION-246 Clarified proposal on compliance >>>> statements >>>> David, >>>> I'm puzzled here. I don't think the WG is anywhere near consensus >>>> on the concept that the spec should provide servers with an >>>> opportunity to select what DNT regime they are following. My >>>> impression is that we are working to develop a single >>>> specification. This suggestion seems to undercut that concept. >>>> Best regards, >>>> John >>>> ---------- >>>> John M. Simpson >>>> Consumer Advocate >>>> Consumer Watchdog >>>> 2701 Ocean Park Blvd., Suite 112 >>>> Santa Monica, CA,90405 >>>> Tel: 310-392-7041 >>>> Cell: 310-292-1902 >>>> www.ConsumerWatchdog.org <http://www.ConsumerWatchdog.org> >>>> john@consumerwatchdog.org <mailto:john@consumerwatchdog.org> >>>> On Oct 29, 2012, at 9:57 AM, David Wainberg wrote: >>>> >>>> >>>> Editors -- can we please add these options to the two docs? >>>> >>>> TPE: Add a required "compliance" field to the tracking status >>>> resource in the TPE, where the value indicates the compliance >>>> regime under which the server is honoring the DNT signal. In 5.5.3 >>>> of the TPE: >>>> >>>> A status-object MUST have a member named compliance that >>>> contains a single compliance mode token. >>>> >>>> >>>> TCS: >>>> >>>> Compliance mode tokens must be associated with a legislative or >>>> regulatory regime in a relevant jurisdiction, or with a relevant >>>> and established self-regulatory regime. >>>> >>>> >>>> On 10/9/12 9:22 AM, David Wainberg wrote: >>>> ACTION-246 >>>> (http://www.w3.org/2011/tracking-protection/track/actions/246), >>>> which relates to ISSUE-45 >>>> (http://www.w3.org/2011/tracking-protection/track/issues/45). >>>> >>>> Hello all, >>>> >>>> This is a clarification of my previous proposal >>>> (http://lists.w3.org/Archives/Public/public-tracking/2012Sep/0012.html). >>>> I'm launching it on a fresh thread, because the previous one got a >>>> bit wild and off-topic. >>>> >>>> Recall that this arose out of the problem of how or where parties >>>> may or must make statements regarding their DNT compliance. One >>>> proposal, which many of us strongly objected to, was to make >>>> provision of the tracking status resource in and of itself an >>>> assertion of compliance with the DNT spec. That proposal was a >>>> replacement for an initial proposal to require a public statement >>>> of compliance, but without specifying where or how that statement >>>> must be made. >>>> >>>> The problems with these proposals are that the one is overly >>>> strict, does not provide any flexibility, and sets up a legal >>>> landmine that companies will avoid by not providing the WKL, and >>>> the other is too loose; it allows for potentially unlimited >>>> variation in how companies honor DNT and where and how they make >>>> their commitments to do so. >>>> >>>> This proposal solves these problems by requiring a statement in the >>>> status resource regarding compliance with one of a limited set of >>>> DNT variations. Although I understand the desire for and >>>> attractiveness of a single universal specification for DNT >>>> compliance, the reality is that we will have to accommodate some >>>> variation based on, e.g., business model, geography, etc. Examples >>>> of this problem arose during the Amsterdam meeting. If we want to >>>> ensure wide adoption and enforceability of DNT, this is the way to >>>> do it. >>>> >>>> The proposal is the following: >>>> >>>> Add a required "compliance" field to the tracking status resource >>>> in the TPE, where the value indicates the compliance regime under >>>> which the server is honoring the DNT signal. In 5.5.3 of the TPE: >>>> >>>> A status-object MUST have a member named compliance that >>>> contains a single compliance mode token. >>>> >>>> From here, I look to the group for discussion regarding how and >>>> where to define compliance mode tokens. My initial version of this >>>> proposal suggested looking to IANA to manage a limited set of >>>> tokens to prevent collisions. I think there was some >>>> misunderstanding and concern about how this would work. No -- >>>> companies should not just create their own arbitrary values. My >>>> view is that each token must have a well-defined and >>>> widely-accepted meaning. How's this: >>>> >>>> Compliance mode tokens must be associated with a legislative or >>>> regulatory regime in a relevant jurisdiction, or with a relevant >>>> and established self-regulatory regime. >>>> >>>> I'm open to other ideas for this. >>>> >>>> Cheers, >>>> >>>> David >>>> >>>> >> >> >
Received on Monday, 29 October 2012 19:13:30 UTC