Re: tracking-ISSUE-150: DNT conflicts from multiple user agents [Tracking Definitions and Compliance]

Thanks kindly for this.

On 6/4/2012 4:43 PM, Roy T. Fielding wrote:
> Please understand that a server would not be required to ignore
> an invalid DNT field -- they just have the right to because the
> protocol exchange is invalid.  Furthermore, the result of ignoring
> the invalid field is to fall back to the current state of
> "no preference" being expressed.  Hence, there would be no impact
> on Canadian or EU laws, nor would it change a server's obligation
> to comply with those laws in the absence of DNT.
>
> ....Roy

I really do not wish to interfere with agreements of the working group 
that have already been made, and I appreciate the merits of the 'no 
default under any circumstances' compromise described here.

I'm just trying to understand: A server indicating they respect and have 
enabled the DNT spec (to Canadian or other users) would have the right 
to ignore DNT-1 if deemed to have been set by UA default. I see this 
having different impact between Canada and the EU as 'unset' triggers a 
different response in each. In EU law, it requires a positive election 
prior to tracking by servers. whereas Canadian law does not currently 
appear to require any positive election as a pre-requisite. If this is 
how it is, it seems a recipe for potential confusion, as CDN users 
seeing DNT set to 1 in their browser settings will believe they are are 
DNT-1 enabled though they are not.

(others have raised more general concerns for dealing with 
privacy-friendly UAs, such as: how would a server determine which UA's 
should be specified as 'rogue' due to a DNT-1 default election; how 
would a server distinguish between DNT-1 by UA default & DNT-1 by user 
election on a 'rogue' UA; how will it be explained to users they must to 
disregard the DNT-1 by UA default setting on specific UAs, etc.).

Best regards,
Tamir

Received on Monday, 4 June 2012 22:34:47 UTC