- From: Brad Kulick <kulick@yahoo-inc.com>
- Date: Wed, 4 Dec 2013 15:09:07 +0000
- To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
- CC: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
- Message-ID: <78638279-D2C6-4EFD-91D2-8BFA69310B99@yahoo-inc.com>
Matthias, The main concern is about creating a system that provides “certainty” to the ad ecosystem to develop trust in DNT. To provide the best possible chance for DNT to survive and thrive as a broadly implemented standard, we should start small and in well understood and expected areas – in this case that means with Web Browsers in isolation. I acknowledge that this removes some “interesting use cases” but that is understood and purposeful to reduce the number of variables and entry points into the system. Thanks, Brad On Dec 3, 2013, at 2:16 AM, Matthias Schunter (Intel Corporation) wrote: Hi Brad, thanks a lot for this input. I will keep ISSUE-153 open for now and we can discuss it tomorrow. My reading of your proposed change is that you want to ensure that only user agents themselves can transmit preferences. It would disallow anyone else to send DNT headers _even if this entity follows our requirements_. IMHO this would exclude some interesting scenarios: - A plugin synchronising preferences of a user between devices / browsers. - A intermediary service where I can manage my privacy preferences (e.g., a control panel in the OS) - A trust management plugin for browsers where DNT;1 is only sent to selected blacklisted sites (or any other policy that is more advanced than the default policies of user agents). ... For me, the requirement that all requirements must be met in order to gain permission to modify DNT headers is indeed important. This is clearly not the case for some of the tools today. Could you elaborate your concerns, i.e., why you want to exclude other entities from managing preferences - even if they adhere to our requirements? Regards, matthias Am 21.11.2013 22:04, schrieb Brad Kulick: Matthias, I respectfully request we keep Issue-153 open. We’re fine with closing the rest of the issues you’ve recommended. To Issue-153, we believe intermediaries should *not* be allowed to alter the tracking preference in version 1.0 and to reserve this interaction between the user and web browser for now. We believe this will result in a simpler implementation path through well-known interfaces and gives everyone time to gain real-world experience to consider how best to incorporate intermediaries altering signals in transit. In Section 3 of the TPE, we should change the following text: “Likewise, a user agent extension or add-on MUST NOT alter the tracking preference unless the act of installing and enabling that extension or add-on is an explicit choice by the user for that tracking preference.” -to- “Likewise, a user agent extension or add-on MUST NOT alter the tracking preference.” Thanks, Brad On Nov 14, 2013, at 1:10 AM, Matthias Schunter (Intel Corporation) wrote: Hi Folks, while we are working on the new issues, I suggest we close the set of TPE-related issues that have been PENDING REVIEW for many months. These document the outcome of our former discussions on TPE where we reached a conclusion that resulted in text. For each of those issues, the text resolving the issue is already included into the TPE spec (and has been there for a long time). Please: Validate that you can live with the resolution of the enclosed issues (Deadline: December 03). In case you want to object to closing an issue, please provide the required documentation (see "the plan"), i.e., roughly you should say why the issue cannot be closed, what concern you have that is not addressed, and what alternative text you proposed to mitigate your concern. Thanks a lot! matthias --------------8<------------------ http://www.w3.org/2011/tracking-protection/track/issues/137 ISSUE-137: Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s) http://www.w3.org/2011/tracking-protection/track/issues/153 ISSUE-153: What are the implications on software that changes requests but does not necessarily initiate them? http://www.w3.org/2011/tracking-protection/track/issues/161 ISSUE-161: Do we need a tracking status value for partial compliance? http://www.w3.org/2011/tracking-protection/track/issues/164 ISSUE-164: To what extent should the "same-party" attribute of tracking status resource be required http://www.w3.org/2011/tracking-protection/track/issues/168 ISSUE-168: What is the correct way for sub-services to signal that they are taking advantage of a transferred exception? http://www.w3.org/2011/tracking-protection/track/issues/195 ISSUE-195: Flows and signals for handling "potential" out of band consent http://www.w3.org/2011/tracking-protection/track/issues/197 ISSUE-197: How do we notify the user why a Disregard signal is received?
Received on Wednesday, 4 December 2013 15:10:29 UTC