- From: David Singer <singer@mac.com>
- Date: Thu, 11 May 2017 15:26:31 -0700
- To: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
> On May 11, 2017, at 9:39 , Mike O'Neill <michael.oneill@baycloud.com> wrote: > > Matthias, > > The user can already "choose to constrain an exception to a subset of third parties" if the server allows him to. That is what the arrayOfDomainStrings parameter is for. > > At the moment, because the TPE must enforce "one out, all out", the user agent in its own UI can only allow the user to change what has been established during their interaction with the server by revoking all of them at once. It cannot allow the user to selectively change the set of third-parties once they are granted. Agreed. I also think that the likelihood that a UA will want to offer a finer-grained UI is very small. Let’s look at cookies: Firefox allows you to delete individual cookies, but Safari only offers ‘all for a site’ and as far as I can tell, Chrome only offers ‘all cookies and other state from all sites for the past N hours’. I also have trouble imagining how a site would ‘feel’ if it says “look, for you to get free access I need tracking for <these advertisers> and <these audit companies>”, and you say ‘ok’ but then send DNT:0 only to the audit companies. So, I am having a hard time with finer-grained exception handling on both ends — unlikely to be used at the UA, and unlikely to make sense for sites. Why do we keep exploring it? Dave Singer singer@mac.com
Received on Thursday, 11 May 2017 22:27:06 UTC