Re: Modifying a DNT Header (ISSUE-153, ACTION-285)

Walter,

Yes, I like this direction. It captures what I was trying to address. 
Thanks.

-David

On 10/31/12 10:08 AM, Walter van Holst wrote:
> On 2012-10-31 15:45, David Wainberg wrote:
>> Hi Jonathan,
>>
>>  This does not do enough to ensure that a DNT signal reflects a users
>> deliberate and informed choice. First, it should be a MUST. Second, it
>> should apply to any software responsible for modifying or including
>> the DNT header. Back in August I proposed the following:
>>
>> "A UA that allows or enables other software to alter the DNT setting
>> MUST ensure that such alteration reflects the user's intent."
>>
>>  That accomplishes what we want, doesn't it?
>
> The consequence would be that all current extension mechanisms of 
> popular UAs such as Firefox, Chrome and IE would fail to meet this 
> criterium. The ultimate consequence would be a DRM-like measures plus 
> a an audit that goes further than for examle iTunes App Store does to 
> ensure this 'MUST' and even then this cannot be guaranteed. It is a 
> burden UA producers cannot bear. It also goes far beyond what is a 
> normal industry practice in similar situations, such as click-through 
> license agreements. These are often bypassed in deployment mechanisms 
> perused in corporate environments for the simple reason that the 
> end-users consent in that context is superfluous given corporate policy.
>
> If it is at all possible to prescribe UA behaviour this much I can 
> imagine that Jonathan's text be altered into:
>
> A UA MUST incorporate detection mechanisms for alteration of 
> DNT-preferences by third-party software (including third-party 
> UA-extensions and plugins) and MUST upon detection of such changes 
> verify with the user that they reflect the user's intentions. The UA 
> MAY provide the user with the option to ignore future changes in the 
> DNT-preferences or to automatically change them back to a user-set 
> preference.
>
> This would be a bit like the common practice for browser vendors to 
> detect whether their browser is the user's default browser and 
> requesting user input on that subject. I think the above captures both 
> you and Jonathan's concern.
>
> Regards,
>
>  Walter
>

Received on Wednesday, 31 October 2012 14:19:56 UTC