Re: ISSUE-161: Discussion of semantics and alternatives to "!" from Rob van Eijk on 2013-04-21 (public-tracking@w3.org from April 2013)

From: Rob van Eijk <rob@blaeu.com>
Date: Sun, 21 Apr 2013 18:15:00 +0200
To: David Singer <singer@apple.com>
Cc: Jonathan Mayer <jmayer@stanford.edu>, "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>, <public-tracking@w3.org>
Message-ID: <4aea77e5203af16d9368fd5866e42cdc@xs4all.nl>

David wrote:
> I think we have heard from very few people here.

The discussion about a tracking status value of ! is useful in the 
sense that it allows to rethink if the granular dialogue that has been 
crafted is fit for purpose. In my opinion it is not. It makes no sense 
to me that a company can make representations to honor DNT in e.g. it's 
DNT statement on the website and then ignore DNT by responding with !. 
It contradicts with transparency.

If a party representations is such that is honors DNT, the best way 
IMHO to signal testing or debugging is not in the tracking status value, 
but in the qualifier (TPE section 5.4.3).

So I suggest to remove "!" in TPE section 5.2.1 and adjust the table in 
TPE section 5.4.2 such that it links to the permitted use for debugging 
(TCS section 6.2.2.7).

Rob


David Singer schreef op 2013-04-21 03:56:
> On Apr 21, 2013, at 2:42 , Jonathan Mayer <jmayer@stanford.edu> wrote:
> 
>> On Saturday, April 20, 2013 at 1:43 AM, David Singer wrote:
>> 
>>> On Apr 19, 2013, at 13:02 , Jonathan Mayer <jmayer@stanford.edu> 
>>> wrote:
>>> 
>>>> David,
>>>> 
>>>> I disfavor having any selective noncompliance flag. I'm open to the 
>>>> idea of a debugging/testing/phasing-in flag, but it would have to be 
>>>> narrowly scoped (e.g. specific uses and limited duration) and 
>>>> explicitly disallowed as a basis for claiming Do Not Track protocol 
>>>> or policy compliance.
>>> 
>>> well, the specific use is for when a site is not yet ready to claim 
>>> compliance; why would the duration need a formal limit?
>> 
>> A website might repurpose an indefinite debugging/testing/phasing-in 
>> flag as a de facto selective non-compliance flag. I'd like to mitigate 
>> that possibility.
> 
> I don't understand the "selective" in your sentence.
> 
>>> yes, agreed, the documentation needs to state that the use of this 
>>> flag is a declaration that compliance is not claimed.
>>> 
>>> * * * *
>>> 
>>> On 'I am Disregarding you', I am trying to work out your alternative 
>>> in my mind. It seems that if there are going to be sites that will 
>>> ignore DNT signals, you would prefer a state in which they could say 
>>> nothing, and signal nothing, unless someone finds out (and how would 
>>> they)? The site could, if challenged, say "we decided to ignore 
>>> signals we deemed non-compliant". The user, unable to see that their 
>>> data is being added to a database, is none the wiser, the privacy 
>>> researcher is unaware, and so on. Is this really better?
>> 
>> If a website claimed to support Do Not Track but surreptitiously 
>> ignored certain DNT: 1 signals, it could face grave legal, business, 
>> and media consequences.
> 
> "…if it is found out, and they don't successfully argue that they can
> be non-compliant in response to what they believe are non-compliant
> signals"
> 
> As for detection, there are a number of technical options that I'd be
> glad to discuss.
> 
> For what it's worth, note the lineup of stakeholders on this issue:
> it's not the advocates, regulators, and researchers clamoring for a
> selective noncompliance signal. It's the websites that want to
> practice selective noncompliance.
> 
> I think we have heard from very few people here. I suggested it,
> since I like transparency. Shane accepted it, and almost no-one else
> has said
> 
>>> 
>> For what it's worth, I don't think it's OK to practice selective 
>> non-compliance, unless forced. But I do support transparency. Yes, 
>> they may be trying to 'soften the blow' by not being accused of lying 
>> to users as well as not always complying. "Yes, it's true we don't 
>> always observe DNT signals, but we're up front about it".
> 0, 0, 0); font-family: Helvetica; font-size: medium; font-style:
> normal; font-variant: normal; font-weight: normal; letter-spacing:
> normal; line-height: normal; orphans: 2; text-align: auto;
> text-indent: 0px; text-transform: none; white-space: normal; widows:
> 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px;
> -webkit-border-vertical-spacing: 0px;
> -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust:
> auto; -webkit-text-stroke-width: 0px; ">
> 
> David Singer
> Multimedia and Software Standards, Apple Inc.

Received on Sunday, 21 April 2013 16:15:37 UTC