- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Thu, 13 Jun 2013 17:49:24 +0200
- To: public-tracking@w3.org
- Message-ID: <51B9EA04.7040000@schunter.org>
Hi! my 2cents: - From a user expectation point of view, I would expect that whatever is turned on by private browsing (e.g., turning on DNT;1) is then undone when I exit this mode (i.e., returning DNT to the prior state). - The original intent (AFAIR) of the language I cited was to allow installation of privacy tools (such as the anonymous browsing tool "Tor") and - since this is a very strong expression of a desire for privacy - these tools may send DNT;1 by default. Naturally, these tools MUST still need to implement the exception API and provide a feature to return from DNT;1 to unset or DNT;0. Matthias On 13/06/2013 16:27, Alan Chapell wrote: > Thanks Craig - > > I probably wasn't being clear enough in my question. As I understand > it, Safari turns on DNT automatically during a Private Browsing > session. I'm asking if DNT remains on, or is turned off when the > Private Browsing session ends. > > > From: Craig Spiezle <craigs@otalliance.org <mailto:craigs@otalliance.org>> > Date: Thursday, June 13, 2013 10:18 AM > To: Alan Chapell <achapell@chapellassociates.com > <mailto:achapell@chapellassociates.com>>, 'Justin Brookman' > <jbrookman@cdt.org <mailto:jbrookman@cdt.org>>, 'David Singer' > <singer@apple.com <mailto:singer@apple.com>> > Cc: 'Shane Wiley' <wileys@yahoo-inc.com > <mailto:wileys@yahoo-inc.com>>, 'Peter Swire' <peter@peterswire.net > <mailto:peter@peterswire.net>>, <public-tracking@w3.org > <mailto:public-tracking@w3.org>> > Subject: RE: June Draft of the DNT compliance spec > Resent-From: <public-tracking@w3.org <mailto:public-tracking@w3.org>> > Resent-Date: Thu, 13 Jun 2013 14:19:33 +0000 > > This is really determined by the browser vendor and or user > setting if "private browsing" (InPrivate, Incognito...) is a > session based or persistent setting. > > *From:*Alan Chapell [mailto:achapell@chapellassociates.com] > *Sent:* Thursday, June 13, 2013 7:07 AM > *To:* Justin Brookman; Craig Spiezle; David Singer > *Cc:* 'Shane Wiley'; 'Peter Swire'; public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:* Re: June Draft of the DNT compliance spec > > Thanks Justin. I was unaware of the Private Browsing feature. > > David, does Private Browsing turn on DNT automatically during a > private browsing session, and then turn it off automatically once > the private browsing session is over? > > *From: *Justin Brookman <jbrookman@cdt.org <mailto:jbrookman@cdt.org>> > *Date: *Monday, June 10, 2013 12:37 PM > *To: *Craig Spiezle <craigs@otalliance.org > <mailto:craigs@otalliance.org>> > *Cc: *'Shane Wiley' <wileys@yahoo-inc.com > <mailto:wileys@yahoo-inc.com>>, Alan Chapell > <achapell@chapellassociates.com > <mailto:achapell@chapellassociates.com>>, 'Peter Swire' > <peter@peterswire.net <mailto:peter@peterswire.net>>, > <public-tracking@w3.org <mailto:public-tracking@w3.org>> > *Subject: *Re: June Draft of the DNT compliance spec > > Previously, I thought we had agreement that selection of a > special privacy-protective product or setting could imply > consent to send DNT:1 This agreement is currently reflected > in the TPE in Section 3: > http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#determining. > For example, I believe that Safari turns on DNT:1 whenever > someone engages "Private Browsing" mode, despite no specific > language about Do Not Track: > http://www.apple.com/safari/features.html > > However, that language/agreement may have been subsumed by > more recent discussions. > > On Jun 10, 2013, at 11:15 AM, "Craig Spiezle" > <craigs@otalliance.org <mailto:craigs@otalliance.org>> wrote: > > > > I apologize for possibly bringing up a closed issue, but do > you see a distinction between a browser or a privacy / > security enhancing product? I agree with what is proposed by a > browser, but see there might be other scenarios where the > consumer is making an implied decision when acquiring a third > party security / privacy add-on?. > > Conceptually let's call the product Privacy and Data Protector > which by default out of the box offers "maximized protection > of your data collection and privacy". Could one argue that > one who purchases such a product in effect is making an > implied decision to use such functionality. Better yet > Ad-Block Plus? > > *From:*Shane Wiley [mailto:wileys@yahoo-inc.com > <http://yahoo-inc.com>] > *Sent:*Monday, June 10, 2013 7:17 AM > *To:*Alan Chapell; Peter Swire;public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:*RE: June Draft of the DNT compliance spec > > Friendly amendment suggestion: > > "...unless they have otherwise obtained consent from the user > to do so." > > - Shane > > *From:*Alan Chapell [mailto:achapell@chapellassociates.com] > *Sent:*Monday, June 10, 2013 6:31 AM > *To:*Peter Swire;public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:*Re: June Draft of the DNT compliance spec > > Thanks Peter. I'm still generally uncomfortable that DNT > doesn't place requirements on First Parties. > > One item of particular concern that seems to have fallen off > the radar is the scenario where a party collects data in a > first party context and attempts to use it in a third party > context when DNT is enabled. I thought there was agreement on > this issue. However, I keep raising it, and it doesn't seem to > make it into the drafts. Perhaps its implied in the language > "... customize the content, services, and advertising in the > context of the first party experience." However, it is not > clear enough, IMHO. > > To address, I offer the following language to Section 4 (First > Party Compliance). The new language is below. > > First Parties /must not/ use data collected while a First > Party when acting as a Third-Party when DNT = 1. > > Nick -- if I need to open up another issue on this, please let > me know. Thanks! > > Alan > > *From:*Peter Swire <peter@peterswire.net > <mailto:peter@peterswire.net>> > *Date:*Monday, June 10, 2013 7:47 AM > *To:*"public-tracking@w3.org <mailto:public-tracking@w3.org>" > <public-tracking@w3.org <mailto:public-tracking@w3.org>> > *Subject:*June Draft of the DNT compliance spec > *Resent-From:*<public-tracking@w3.org > <mailto:public-tracking@w3.org>> > *Resent-Date:*Mon, 10 Jun 2013 11:47:58 +0000 > > To the Working Group: > > Attached please find a June Draft of the > compliance spec. The spec is also available at: > > http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-june.html > > This draft builds directly on the Consensus Action Summary > from the Sunnyvale F2F. Working closely with W3C staff, > and based on numerous discussions with members of the WG, > this June Draft is my best current estimate of a document > that can be the basis for a consensus document in time for > Last Call. > > The June Draft includes a number of_grammatical > and stylistic edits_to various provisions of the previous > working drafts. These sorts of edits were done in hopes > of adding clarity and good writing to the provisions. In > the spirit of humility, W3C staff and I recognize that > members of the WG may spot substantive objections to these > stylistic edits -- let us work within a constructive > spirit of the working group process to examine and, where > appropriate, make changes to these edits. > > The Draft also addresses the_four task > areas_included in the Consensus Action Summary. In > proposing language in the June Draft, my intent and belief > was to make good substantive judgments about an_overall > package_that may achieve consensus, as well as > item-by-item judgments about what is substantively most > defensible within the context of the WG. Clearly, the > group will need to work through each piece of the text, > members can suggest alternatives, and we will need to > determine where and whether consensus exists. > > The June Draft contains_normative text but not > non-normative text_. In part, this reflects my view that > we have the best chance to work constructively on a > relatively short amount of normative text. Proposed > non-normative text can be proposed for provisions in time > for Last Call. As a potentially useful alternative, W3C > has various mechanisms for publishing notes or other > documents that illuminate a standard. The best time for > detailed discussion of most non-normative text quite > possibly will be after Last Call. > > The June Draft discusses_only items that the W3C > WG can address_. Clearly, the actions of others on these > issues may be relevant to the overall outcome. For > instance, the DAA has discussed changes to its code, > including on its market research and product development > exceptions. There has been discussion of a potentially > useful limit on any blocking of 3d party cookies for sites > that comply withDNT. There may also be new and useful > technical measures that would be important to the future > of advertising in a privacy-protective manner. The text > here, as indicated, addresses what would be within the > compliance spec itself. > > W3C staff and I are working on further explanatory > materials that will seek to clarify the changes here, and > link the June Draft to the issues on the WG site. > > The regular call this Wednesday will be an > opportunity for the Group to have an initialdiscussion of > the June Draft. To give everyone a chance to review this > material, we will not be seeking to close compliance > issues during this Wednesday's calls. > > Thank you, > > Peter > > Prof. Peter P. Swire > > C. William O'Neill Professor of Law > > Ohio State University > > 240.994.4142 > > www.peterswire.net <http://www.peterswire.net> > > Beginning August 2013: > > Nancy J. and Lawrence P. Huang Professor > > Law and Ethics Program > > Scheller College of Business > > Georgia Institute of Technology >
Received on Thursday, 13 June 2013 15:49:53 UTC