Re: Modifying a DNT Header (ISSUE-153, ACTION-285)

I am not sure how these are directly related?   The spec calls for signals to be sent only as a result of user choice/consent.  Some implementors may not follow this and, as you list, this may create cascading issues.  I can't see how allowing more signals to be sent without choice helps alleviate this problem.


--

Brooks Dobbs, CIPP | Chief Privacy Officer | KBM Group | Part of the Wunderman Network
(Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com
brooks.dobbs@kbmg.com

[cid:6315A7B1-20F4-41B0-9C37-E91B81B330A6]

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Jonathan Mayer <jmayer@stanford.edu<mailto:jmayer@stanford.edu>>
Date: Wednesday, October 31, 2012 12:22 PM
To: Brooks Dobbs <brooks.dobbs@kbmg.com<mailto:brooks.dobbs@kbmg.com>>
Cc: "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Re: Modifying a DNT Header (ISSUE-153, ACTION-285)

The group has received new information about its language on browser user interface.  The group consensus had been that a mainstream browser must reflect a user's preference to be compliant.  Many members of the group only agreed so long as a website could not ignore DNT headers from a non-compliant browser.  Recent events include:

  *   a large advertising company announced it would ignore DNT headers from an allegedly (but not actually) non-compliant web browser,
  *   several advertising industry trade groups have endorsed that position, and
  *   a popular open-source web server shipped with a configuration that would ignore DNT headers from that browser.

These episodes undermined a foundational assumption of the group's consensus on browser user interface.  I am uncertain whether that consensus remains intact.

Jonathan


On Wednesday, October 31, 2012 at 8:01 AM, Dobbs, Brooks wrote:

Jonathan,

This seems at odd with the initial consent requirement:

---
Key to that notion of expression is that it must reflect the user's preference, not the choice of some vendor, institution, or network-imposed mechanism outside the user's control. The basic principle is that a tracking preference expression is only transmitted when it reflects a deliberate choice by the user.
---

Consent is a MUST, but under this text choice could be overridden without even specifically violating the spec just because a vendor chose not to follow a best practice?  This doesn't appear very consistent.

-Brooks

--

Brooks Dobbs, CIPP | Chief Privacy Officer |KBM Group | Part of the Wunderman Network
(Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com<http://kbmg.com>
brooks.dobbs@kbmg.com

[cid:FFD5302F-2746-413A-940E-D9F9A20BE525]

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Jonathan Mayer <jmayer@stanford.edu<mailto:jmayer@stanford.edu>>
Date: Wednesday, October 31, 2012 1:52 AM
To: "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Modifying a DNT Header (ISSUE-153, ACTION-285)
Resent-From: <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Wednesday, October 31, 2012 1:52 AM

Proposed text:

If user-controlled software modifies a DNT header sent by a user agent, it is a best practice for the software to clearly explain its modifications to the user.