- From: David Singer <singer@apple.com>
- Date: Wed, 31 Oct 2012 11:16:40 +0100
- To: public-tracking@w3.org
- Cc: Joanne Furtsch <jfurtsch@truste.com>
there is an outstanding action item I have (https://www.w3.org/2011/tracking-protection/track/actions/320) to draft text on out-of-band consent, with Joanne. * * * * The exceptions APIs provide a way to manage consent to being tracked "in-band" – that is, the exception is recorded using an API defined in this specification, and the consent is indicated in-band in the protocol header with a specific value of the DNT header. There are circumstances, however, where the user's consent may have been sought, abtained, and recorded through other means. In terms of this specification, such consent is therefore "out of band". Consider a service TrackMyReading.com. When you sign up, it advises you that, when you are logged in, their 'Like' buttons on sites will track what you visit, and if you click on the 'Like' button, will add that information to the tracking. If you are not logged in to the service, nothing happens. In this case, the act of logging-in effectively is the grant of an out-of-band exception, and logging out revokes the grant. It maybe more convenient for this service to operate thus, out of band, than to call the APIs on every login and logout, particularly if the service considers you logged out (without a visit to the site) after a time-out. There may be examples with other usage models. Note that the specification for the tracking status resource recommends that the 'control' member be available when out-of-band consent methods are used, as this provides the user-agent and user a way to explore their consent and its consequences, and confirm or withdraw it. * * * * I suspect that the best way to handle this is to title section 6 of the TPE "User-granted in-band exceptions" and add this new text as a section 7 "Out of band exceptions". Alternatively, supply this new text as a new sub-section of section 6, and explain that the rest of the section deals with in-band. David Singer Multimedia and Software Standards, Apple Inc.
Received on Wednesday, 31 October 2012 10:17:17 UTC