RE: issue-170 from Mike O'Neill on 2014-06-06 (public-tracking@w3.org from June 2014)

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Fri, 6 Jun 2014 23:47:45 +0100
To: "'Chris Mejia'" <elementslifestylegroup@hotmail.com>, "'Roy T. Fielding'" <fielding@gbiv.com>
Cc: "'W3C DNT Working Group Mailing List'" <public-tracking@w3.org>
Message-ID: <0e8601cf81d9$55952dc0$00bf8940$@baycloud.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Chris,

What is not implementable at scale & in real-time, the UGE? I can assure you it can and in fact already has.

Mike


> -----Original Message-----
> From: Chris Mejia [mailto:elementslifestylegroup@hotmail.com]
> Sent: 06 June 2014 19:50
> To: Roy T. Fielding; Mike O'Neill
> Cc: W3C DNT Working Group Mailing List
> Subject: Re: issue-170
> 
> Agree with Roy on this. Logistically/technically speaking, the proposal is
> not implementable at scale, in real-time.
> 
> --
> Chris Mejia
> 
> 
> 
> 
> 
> 
> On 6/6/14, 10:56 AM, "Roy T. Fielding" <fielding@gbiv.com> wrote:
> 
> >On Jun 4, 2014, at 5:38 AM, Mike O'Neill wrote:
> >> If a 1st Party receives a request with DNT:0 set then data regarding
> >>the user MAY be used or shared but, if the header signal resulted from
> >>an explicitly-granted exception, only for the purposes that were clearly
> >>and comprehensively explained when the exception was granted.
> >
> >There is no need for this text.  If a server receives DNT:0,
> >it will behave according to its own set of practices for DNT:0.
> >It is not going to change its practices on a per-user basis.
> >
> >If those practices exceed whatever the server might have stated in some
> >request for a UGE, the server owner is inviting regulatory action or
> >lawsuits.  We do not need to say anything about servers that mislead.
> >
> >If the server does not request UGEs (and thus only receives DNT:0 when
> >set web-wide), then it has no control over what was explained to the user
> >and is instead relying on the browser configuration.  What the browser
> >configuration means is largely outside the scope of compliance, though
> >we all hope that they will eventually become consistent.
> >
> >....Roy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
Charset: utf-8

iQEcBAEBAgAGBQJTkkUQAAoJEHMxUy4uXm2J4M4H/1ERdk61XdWOyBj9Z53CHckx
6vNiU1hgnGzI3cpBeOdSgcaPfwS6IMRfpe+LNQKvuXZHlfEKsnUYpgtqiqkSdQZV
ej35JIN8pSPCxAp7MXoQxQ0uihh/oNMF/nM8fJdb4mAPDyt/yiJ3QcVO/p7mimP2
EYaQVtSQDqL75wCyeQcBXVSL10FhuVkvqW22DFp95fb+5P1XvG5jnux1GJvjQfB4
ZIArJ8/y5rNtURwvoBZc0mS/sc4iPYK0d77qlzLp/zHVCO7JsWdd/syuQ806M0CR
E3nArZqmrx8EQIzPq47Q7ssA9/7qRyCk7hFqHYADMN3qqBnVeDvJojVD4Ix/irU=
=g/oK
-----END PGP SIGNATURE-----

Received on Friday, 6 June 2014 22:48:24 UTC