W3C home > Mailing lists > Public > public-tracking@w3.org > September 2012

Re: tracking-ISSUE-167 (mikeo): Multiple site exceptions [Tracking Preference Expression (DNT)]

From: Rigo Wenning <rigo@w3.org>
Date: Wed, 26 Sep 2012 11:53:41 +0200
To: public-tracking@w3.org
Cc: Mike O'Neill <michael.oneill@baycloud.com>, 'Nicholas Doty' <npdoty@w3.org>
Message-ID: <15868811.d5boTtCoKs@hegel.sophia.w3.org>

I see what you want to accomplish. But can't you do that by normally 
requesting an exception for one entity and declaring all the others 
in "same-party". Can you verify whether the wording in the TPE-
specification would fit your use case? In this case, the first site 
the user hits would ask for an exception and all the others are in 
the "same-party" field anyway. So if the browser hits bar.org it 
gets an exception. If the browser now hits foo.org it reads "same-
party" in the WKL and finds that foo.org and bar.org are the same-
party, thus the exception applies. I recognize that there are 
security issues here as someone can just claim to be the same-party 
as a well known site. 

Nick, I think Mike is trying to accomplish a cookie-consent for one 
entity over many sites. And in the EU context, the first party - 
third party distinction doesn't really play that same role. So the 
goal here is to disturb the user only once for a large array of 
sites belonging to the same legal entity, regardless of whether 
those are first or third parties. But I may be wrong. 


On Tuesday 25 September 2012 15:00:23 Mike O'Neill wrote:
> For instance if I go to multi-brand.yummycatford.co.uk I could see
> their tracking policy is from Multibrand Inc. I agree to their
> cookies using a UI meeting the EU PECR requirement and
> simultaneously agree to an exception for a set of embedded 3rd
> party content on that site. Multibrand Inc. record my agreement
> to their cookies (I have also agreed to their cookies/storage so
> that’s fine) and also a record of the domain-origin
> (multi-brand.yummycatford.co.uk) together with  the
> trackingExceptionID returned with the exception grant callback.
Received on Wednesday, 26 September 2012 09:52:02 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:39:00 UTC