Re: ISSUE-184

On May 22, 2013, at 11:08 AM, Walter van Holst wrote:

> On 225//13 8:04 PM, Roy T. Fielding wrote:
>> I object to that.  Whether they are third parties or not is a
>> function of the website.  There is nothing in our standard that
>> requires a website to be functional in the face of DNT:1, nor
>> will there ever be -- some sites have required user auth already.
> Dear Roy,
> A site that claims to respect DNT:1 while at the same time requiring a
> user to be tracked by so-called third-parties is in my book not meeting
> the overarching goal of this standard: allowing users to meaningfully
> express their preferences regarding being tracked across different contexts.

A site is not requiring anything -- the DNT:1 signal is still being
passed to those third parties, by the user agent, and the third party
is responsible for their own actions (or lack thereof).  The only
commitment being made by the first party is for data that they
control or share, and I honestly don't understand why you think
anything more needs to be said.

With regard to "requiring a user to be tracked", there is nothing
in the DNT standard that requires servers to provide equal service
to freeloaders.  There is nothing that prevents DNT from being
applicable to first party sites that have user authentication
requirements.  There is no obligation on companies to adhere to DNT,
regardless, other than the obligations they place on themselves.

Of course, there are obligations on data controllers in the EU
that apply regardless of DNT.

So, there is nothing to reconcile -- what you are proposing has
nothing to do with DNT, but rather how sites choose to be
constructed of many parts, which is far outside the scope of this
working group.  Turning off tracking is orthogonal to how content
gets delivered to the user agent.


Received on Wednesday, 22 May 2013 20:38:04 UTC