RE: tracking-ISSUE-239: Should tracking status representation include an array of links for claiming compliance by reference? [Tracking Preference Expression (DNT)] from Mike O'Neill on 2013-12-08 (public-tracking@w3.org from December 2013)

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Sun, 8 Dec 2013 12:47:40 -0000
To: "'Tracking Protection Working Group'" <public-tracking@w3.org>
Cc: "'Roy T. Fielding'" <fielding@gbiv.com>
Message-ID: <0cac01cef413$aee21090$0ca631b0$@baycloud.com>

Roy,

There should be a way for UAs or audit scanners to automatically recognise compliance statements other than by constraining servers to  unique Uris or trying to parse an un-standardised document. Compliance should be indicated by a code followed by an optional Uri addressing a human-readable resource. The compliance reference codes should be in a maintained registry, maybe administered by IANA. For example DAA, NAI, EU, COPPA etc.

A server could comply with multiple ones i.e. EU and NAI, so the new TR member should be a multiple value list.

i.e. in JSON:

var trf=
{
 "compliance": [
   {
        "code": "EU",
                                    "description": "https://xxx.eu/DNTcompliance"
   },
   {
        "code": "NAI",
                                    " description ": "https://www.networkadvertising.org/DNTcompliance"
   }
              ]
}



Mike


> -----Original Message-----
> From: Tracking Protection Working Group Issue Tracker
> [mailto:sysbot+tracker@w3.org]
> Sent: 08 December 2013 05:12
> To: public-tracking@w3.org
> Subject: tracking-ISSUE-239: Should tracking status representation include an
> array of links for claiming compliance by reference? [Tracking Preference
> Expression (DNT)]
> 
> tracking-ISSUE-239: Should tracking status representation include an array of
> links for claiming compliance by reference? [Tracking Preference Expression
> (DNT)]
> 
> http://www.w3.org/2011/tracking-protection/track/issues/239
> 
> Raised by: Roy Fielding
> On product: Tracking Preference Expression (DNT)
> 
> I propose an optional member of the tracking status object that will allow the
> origin server to communicate what (if any) claims it wishes to make regarding
> compliance to certain behaviors, as defined by reference to other standard
> resources:
> 
>   An origin server MAY send a member named compliance with an array value
> containing a list of URI references that identify specific regimes to which the
> origin server claims to comply for the designated resource. Communicating such
> a claim of compliance is presumed to improve transparency, which might
> influence a user's decisions or configurations regarding allowed tracking, but
> does not have any direct impact on this protocol.
> 
>     compliance    = %x22 "compliance" %x22
>     compliance-v  = array-of-refs
> 
> Related to ISSUE-136
> 
>

Received on Sunday, 8 December 2013 12:48:21 UTC