- From: David Singer <singer@apple.com>
- Date: Mon, 10 Sep 2012 10:00:33 -0700
- To: Nicholas Doty <npdoty@w3.org>
- Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
On Sep 10, 2012, at 0:30 , Nicholas Doty <npdoty@w3.org> wrote: > I volunteered to take an action to avoid defining "absolutely-not-tracking" (or some similar term, none of which the group has taken to) and instead just rely on permitted uses. The idea is that we don't need any additional level like "anonymous" or "not tracking" (what conditions would such a level have to meet, anyway? would they be a subset of or distinct from our list of permitted uses?); we already have the functionality to say which permitted uses are claimed and can include the ability to claim none. > > The current editor's draft contains a Tracking Status Value (in 5.2) of N: >> None: The designated resource does not perform tracking of any kind, not even for a permitted use, and does not make use of any data collected from tracking. > > And also has optional Tracking Status Qualifier Values for enumerating permitted uses if the server so desires. > > I think there are two plausible options for enabling services to note which permitted uses they take advantage of, or none altogether, without debating "absolutely not tracking", both of which would be optional (and likely infrequently used) and straightforward. > > 1) Change TSV of "N" to signify: >> No Permitted Uses: The designated resource does not perform tracking, even for the defined list of permitted uses. > If the Compliance draft ends up with different terminology, this could be changed slightly to, for example: >> No Permitted Uses: The designated resource does not retain or use data, even for the defined list of permitted uses. I think the absence of qualifiers says this already, doesn't it? > > 2) Add a TSQV of "n" to signify: >> No Permitted Uses: No tracking is performed, including for any of the permitted uses. > And then note that "n" must not be used with any of the other qualifiers. > > In either case, I think we would actually want to add the following requirements (which I believe just clarifies our existing understanding) to the TSQV: >> Servers MAY indicate which permitted uses are being used with the tracking status qualifier member. If no qualifier is present, the server might be tracking for any or all of the permitted uses. I think for some qualifiers it's possible we will require it if the permission is claimed, so I am hesitant to make such blanket statements. We might need to add "for which using the qualifier is not required". > And add a clause to an existing sentence: >> An origin server indicating one or more of those permitted uses also indicates that it conforms to the requirements associated with those permitted uses _and does not perform tracking for any other permitted uses not listed_. I think for a site that doesn't do tracking, we're talking about a choice between TSV = N -- I don't mind being used in either 1st or 3rd party contexts, as I simply don't do tracking or TSV = 1, TSQV = n; I can be used in 1st party contexts (and hence, by implications, 3rd), but I simply don't do tracking The snag with the second is that mostly permissions (indicated by qualifiers) are a warning of a *relaxation* of the rules, whereas in this case it's strengthening, in a sense. I think the first is therefore cleaner -- the TSV of 'N'. David Singer Multimedia and Software Standards, Apple Inc.
Received on Monday, 10 September 2012 17:01:14 UTC