W3C home > Mailing lists > Public > public-tracking@w3.org > July 2013

Re: Confused by DAA's messages. Please explain

From: Peter Cranstone <peter.cranstone@3pmobile.com>
Date: Wed, 10 Jul 2013 15:04:45 +0000
To: Shane Wiley <wileys@yahoo-inc.com>, John Simpson <john@consumerwatchdog.org>, Mike Zaneis <mike@iab.net>, Marc Groman <mgroman@networkadvertising.org>, Jack Hobaugh <jack@networkadvertising.org>
CC: "public-tracking@w3.org List" <public-tracking@w3.org>
Message-ID: <CE02D1D1.17D0%peter.cranstone@3pmobile.com>

Thanks for the thoughtful response. I'm trying to think of the corner case that generates this 'exception'. The current spec says that there are two settings for DNT… 1 and unset. If I send 'unset' (it's a value) then the server just goes about business as normal. In the second case I can only send a 1. The server now has two options – accept the signal OR send a UGE request. The server has to send something to the user otherwise the user has no idea what just happened to trigger the condition which is causing the signal to be disregarded. So IMO the burden is always on the server to notify the user.


From: Shane Wiley <wileys@yahoo-inc.com<mailto:wileys@yahoo-inc.com>>
Date: Wednesday, July 10, 2013 8:51 AM
To: "Peter J. Cranstone" <peter.cranstone@3pmobile.com<mailto:peter.cranstone@3pmobile.com>>, John Simpson <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, Mike Zaneis <mike@iab.net<mailto:mike@iab.net>>, Marc Groman <mgroman@networkadvertising.org<mailto:mgroman@networkadvertising.org>>, Jack Hobaugh <jack@networkadvertising.org<mailto:jack@networkadvertising.org>>
Cc: "public-tracking@w3.org<mailto:public-tracking@w3.org> List" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: RE: Confused by DAA's messages. Please explain


I agree with you that since so many different parties can activate DNT:1 in the page request header, it would be difficult to disambiguate which one inappropriately added the signal outside of compliance (as you point out, a user may have actually turned on DNT in IE10 – how do you tell that outcome from a user that simply allowed the default to flow through as is).  I can only think of corner cases which would drive this outcome but the point is that the user should know that something about their setup is causing a non-compliant signal to be received (I’m assuming the details would be provided for the user if they’re interested).  Rather than the burden being on the server to confirm with the user, this provides a mechanism for the burden to be placed on the user to decide if they wish to continue to use this site and alter the setting that is causing the disregard signal being sent.

- Shane

From: Peter Cranstone [mailto:peter.cranstone@3pmobile.com]
Sent: Wednesday, July 10, 2013 3:40 PM
To: Shane Wiley; John Simpson; Mike Zaneis; Marc Groman; Jack Hobaugh
Cc: public-tracking@w3.org<mailto:public-tracking@w3.org> List
Subject: Re: Confused by DAA's messages. Please explain


Can you please give a clear and unambiguous example of what constitutes a 'non-compliant' signal.

I have asserted since the beginning that because the W3C chose to make the signal values binary, there is NO way to distinguish WHO set the signal without asking for a UGE or confirmation. IMO there is NO such thing as a non-compliant signal. It simply doesn't exist in the spec.

If you think it does then please show case the example of how you know that the signal is invalid.


From: Shane Wiley <wileys@yahoo-inc.com<mailto:wileys@yahoo-inc.com>>
Date: Wednesday, July 10, 2013 7:41 AM
To: John Simpson <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, Mike Zaneis <mike@iab.net<mailto:mike@iab.net>>, Marc Groman <mgroman@networkadvertising.org<mailto:mgroman@networkadvertising.org>>, Jack Hobaugh <jack@networkadvertising.org<mailto:jack@networkadvertising.org>>
Cc: "public-tracking@w3.org<mailto:public-tracking@w3.org> List" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: RE: Confused by DAA's messages. Please explain
Resent-From: <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Wednesday, July 10, 2013 7:43 AM


I tried to answer this several weeks ago.  While its believe most, perhaps all, DNT:1 signals will be honored we should still hold out the option to disregard an obviously non-compliant signal.  This will provide balance within the eco-system that all parties activating DNT:1 should do this in compliance with the W3C DNT standard as there is a threat their signal will be disregarded if they do not.  As I stated previously, it’s often difficult to disambiguate between “good” and “bad” DNT:1 signals, so the industry proposal is a path forward where we bias towards accepting most DNT:1 signals but still hold the threat of being able to disregard truly non-compliant and observable situations to keep everyone honest.

- Shane

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Friday, July 05, 2013 5:47 PM
To: Mike Zaneis; Marc Groman; Jack Hobaugh; Shane Wiley
Cc: public-tracking@w3.org<mailto:public-tracking@w3.org> List
Subject: Confused by DAA's messages. Please explain


I am trying to reconcile Mike Zaneis' description of the new industry position during Wednesday's call with what is actually written in the DAA proposal document.

Here is Mike's characterization as recorded in the minutes:

"zaneis: My members seeing 20-25% of user base sending flag. Early on, our position had been: perhaps the W3C could standardize the DNT signal, and we would treat that as an industry opt-out.
... That is no longer tenable.
... We expect DNT:1 signals to approach 50% in short-term.

<johnsimpson> you have 25 percent DNT flags because people do not want to be tracked.

zaneis: No longer want to try to distinguish between what DNT:1 signals are legitimate and which are not.

<jmayer> I also agree with David. We worked *very* hard to quickly compile issue-by-issue proposals and rationales, as the chairs requested. The stakeholders who declined to follow that constructive and substantive process are being rewarded with extra time and focus.

zaneis: Now, within industry, we've decided to take a different approach, and focus on deidentification. Hope that could be a way to make consensus.
... Yes, we had fought tooth and nail on the default and UI issue, and we're now willing to take those off the table in the name of progress. Now the question is what level of deidentification is appropriate and implementable. We want to have that discussion."

Yet in Section 4 -- First Party Compliance,  the authors of the "DAA" text (whoever they are) have inserted "Parties that disregard a DNT signal MUST respond to the user agent, using the response mechanism defined in the [TRACKING -DNT] specification."

This seems to flatly contradict what Mike said is the industry's new position.  If you don't distinguish between DNT:1 signals why would you disregard one and send a message that you are doing so?

Can someone please explain this discrepancy?

Received on Wednesday, 10 July 2013 15:05:18 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:39:52 UTC