- From: Justin Brookman <justin@cdt.org>
- Date: Wed, 13 Jun 2012 10:50:11 -0400
- To: "public-tracking@w3.org" <public-tracking@w3.org>
- Message-ID: <4FD8A8A3.3000209@cdt.org>
I was torn on whether to use MAY or MUST as well as the third paragraph, so happy to accede to those friendly amendments. Justin Brookman Director, Consumer Privacy Center for Democracy& Technology 1634 I Street NW, Suite 1100 Washington, DC 20006 tel 202.407.8812 fax 202.637.0969 justin@cdt.org http://www.cdt.org @CenDemTech @JustinBrookman On 6/13/2012 10:43 AM, Ian Fette (イアンフェッティ) wrote: > Is there any reason to say a user agent MAY offer a control instead of > "A user agent MUST offer a control?" -- I'd personally prefer MUST, > and can't imagine any reason for saying "MAY". With MAY you can claim > "I never send a DNT signal and I don't offer any controls, therefore I > have implemented DNT." > > Also, the third paragraph seems to apply to intermediaries, not UAs. > > That said, I think this text is necessary but not sufficient, we may > want to say more... i expect we'll get lots of conversation around this :) > > On Wed, Jun 13, 2012 at 7:26 AM, Justin Brookman <justin@cdt.org > <mailto:justin@cdt.org>> wrote: > > Hello, here is draft language for the compliance document on user > agent requirements. The first paragraph is new, the second two > are copied-and-pasted from Section 3 of the current TPE spec. > > Replace 4.2 Intermediary Compliance (empty) with this new section: > > 4.2 User Agent Compliance > > A user agent MAY offer a control to express a tracking preference > to third parties. The control MUST communicate the user's > preference in accordance with the [[Tracking Preference Expression > (DNT)]] recommendation and otherwise comply with that > recommendation. A user agent MUST NOT express a tracking > preference for a user unless the user has interacted with the user > agent in such a way as to indicate a tracking preference. > > We do not specify how tracking preference choices are offered to > the user or how the preference is enabled: each implementation is > responsible for determining the user experience by which a > tracking preference is enabled. For example, a user might select a > check-box in their user agent's configuration, install an > extension or add-on that is specifically designed to add a > tracking preference expression, or make a choice for privacy that > then implicitly includes a tracking preference (e.g., "Privacy > settings: high"). Likewise, a user might install or configure a > proxy to add the expression to their own outgoing requests. > > Although some controlled network environments, such as public > access terminals or managed corporate intranets, might impose > restrictions on the use or configuration of installed user agents, > such that a user might only have access to user agents with a > predetermined preference enabled, the user is at least able to > choose whether to make use of those user agents. In contrast, if a > user brings their own Web-enabled device to a library or cafe with > wireless Internet access, the expectation will be that their > chosen user agent and personal preferences regarding Web site > behavior will not be altered by the network environment, aside > from blanket limitations on what resources can or cannot be > accessed through that network. Implementations of HTTP that are > not under control of the user /must not/ express a tracking > preference on their behalf. > > -- > Justin Brookman > Director, Consumer Privacy > Center for Democracy& Technology > 1634 I Street NW, Suite 1100 > Washington, DC 20006 > tel202.407.8812 <tel:202.407.8812> > fax202.637.0969 <tel:202.637.0969> > justin@cdt.org <mailto:justin@cdt.org> > http://www.cdt.org > @CenDemTech > @JustinBrookman > >
Received on Wednesday, 13 June 2012 14:50:45 UTC