W3C home > Mailing lists > Public > public-tracking@w3.org > January 2013

Re: Concerns regarding "store"-style DNT exceptions Re: Batch closing of issues ISSUE-144

From: Walter van Holst <walter.van.holst@xs4all.nl>
Date: Thu, 31 Jan 2013 16:40:05 +0100
Message-ID: <510A9055.2060107@xs4all.nl>
To: public-tracking@w3.org
On 1/31/13 4:30 PM, Shane Wiley wrote:
> Thank you for the thoughtful exploration of incentives for allowing
> exception setting from Servers.  I thought we as a working group had
> originally agreed that if a Site has collected out-of-band (OOB)
> consent from a user, that they could proactively store this in the UA
> for appropriate relay on subsequent interactions.  Weren't you
> supportive of that position?  If so, I'm curious how this process
> changes that? 
> There is little incentive for Sites to adopt DNT if direct consent
> mechanisms are second questioned by the UA as they will not be able to
> relay the context and value exchange messaging in which the consent
> was originally captured (basically, a Site would be opening up its
> direct consent with users to a UA confirmation).  As each exception
> transaction is recorded, it is readily available for advocates and
> regulators to interrogate for appropriate processing and informed
> consent.  This continues to be an exercise in burdening the rest of
> the ecosystem to attempt to weed out bad actors that will likely not
> implement DNT in the first place.  The edge cases you've explored are
> just that -- edge cases -- and we should avoid developing remedies to
> those situations at the cost of the entire standard.
> There is a chain of dependencies within the Site, UA, and User
> ecosystem to develop trust in DNT.  The first step is that each party
> desire implementing the standard in the first place.  If very few
> Sites implement DNT in the first place, then User trust will not
> develop.  I believe we'll see self-regulation step up globally to wipe
> out the edge-cases you've outlined.
> I would ask the working group to continue to avoid overburdening and
> disintermediating Sites from their Users in this standard.  The
> current proposal for allowing Sites to register user granted
> exceptions in the UA is the right course, is supported by many/most in
> the working group, and will drive higher adoption of the DNT standard
> -- the first step needed to drive User trust in the utility and
> confidence in DNT.

Let's agree that user trust is paramount. Users will not trust DNT if a
site can claim OOB consent without the browser at least indicating such
claim. I am not asking for additonal dialogs, merely that the UA
indicates the level of trust granted to the various parties.

And yes, I am aware that DNT is based on trust on the good faith of
servers. I do not think that trust is nurtured by a standard that
requires no indication to users of discrepancies between their browser
settings and actual behaviour, even in good faith, of a server, where it
can be reasonably detected by the UA. I concur with Nick that this would
cast doubt on the meaning of the signal.


Received on Thursday, 31 January 2013 15:40:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:39:18 UTC