- From: John Simpson <john@consumerwatchdog.org>
- Date: Thu, 1 Nov 2012 16:10:48 -0700
- To: "Roy T. Fielding" <fielding@gbiv.com>
- Cc: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
- Message-Id: <4B615FCC-A6B3-41DB-886C-3BFE77AE8D2B@consumerwatchdog.org>
Question in text below. ---------- John M. Simpson Consumer Advocate Consumer Watchdog 2701 Ocean Park Blvd., Suite 112 Santa Monica, CA,90405 Tel: 310-392-7041 Cell: 310-292-1902 www.ConsumerWatchdog.org john@consumerwatchdog.org On Nov 1, 2012, at 3:32 PM, Roy T. Fielding wrote: > On Oct 31, 2012, at 2:32 PM, John Simpson wrote: > >> Not to imply that I agree that a server can ignore a facially valid DNT message, however the WG comes on this, I'd say if server plans to disregard DNT it MUST notify the UA. > > Please understand that it is necessary, for the survival of the Web, > that a server have the ability to disregard protocol elements that do not > adhere to their assigned semantics. It is one of the very few aspects > of the Web that allow it to survive the tragedy of the commons. > I cannot emphasize enough that this principle is far more important > than anything the W3C has worked on, including DNT. > > If automated transparency is desired, then the solution is to provide > a means for the server to say that it won't comply with an invalid signal. > In order for that to be required, it must be a mechanism usable > by servers that have no direct access to the GUI, including redirect > handlers and beacons, which means it must be in the tracking status > value. Is there a problem with it being in the tracking status value? > > If no protocol mechanism is provided, then it is likely that users > will be notified via the privacy policy, assuming that the server > adheres to any DNT signals. A privacy policy that is rarely read by anyone doesn't seem to be an adequate means of notification. > > ....Roy >
Received on Thursday, 1 November 2012 23:10:42 UTC