Re: Summary of Discussions on user-granted Exceptions [consensus check on ISSUE-129 and ISSUE-130] from Vinay Goel on 2012-05-14 (public-tracking@w3.org from May 2012)

From: Vinay Goel <vigoel@adobe.com>
Date: Mon, 14 May 2012 08:43:05 -0700
To: Matthias Schunter <mts-std@schunter.org>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CBD6E5E2.92D4%vigoel@adobe.com>

Hi Matthias,

Are there technical reasons why we need to limit on what sites web-wide
and site-wide exceptions can be requested?  If not, as long as the request
for the exception is clear and informs the user on what they are providing
an exception to (ie. meets the requirements the WG agrees to for asking
for an exception), why do we need to limit which site(s) the exceptions
can be made from?

-Vinay
________________________________________
Vinay Goel | Privacy Product Manager | Adobe Systems | Office: 917.934.0867

On 5/14/12 4:04 PM, "Matthias Schunter" <mts-std@schunter.org> wrote:

>Hi Team,
>
>I've reviewed our discussion so far and I would like to double-check
>that the following statements are indeed our current consensus.
>
>Proposed CONSENSUS to be verified
>1. Purpose/Scope:   User-granted exceptions allow sites and third
>parties to signal the desire to be exempted from the requirements under
>DNT;1
>2. We agreed that web-wide exceptions (widget as third parties on all
>sites) should be implemented
>3. We agreed that site-wide exceptions (any third party on a given site)
>should be implemented
>4. User-granted exceptions are managed and stored by the user-agent
>    (while out-of-band exceptions are stored and managed by the site)
>
>Did we also agree on?
>A) Web-wide exceptions should only be permitted to be requested by the
>site you are visiting (e.g.,
>      only when being on the widget-provider site can the provider ask
>for a web-wide exception)
>B) Site-wide exceptions should only be permittted to be requested by
>the site you are visiting
>C) The response to a request should reflect the user preference
>expressed at this point in time
>    [e.g., saying OK to a web-wide exception should only be done if
>subsequently you will
>      sent DNT;0 to the widget provider [assuming no further preference
>input/change has been made]]
>
>Please reply if you cannot live with these statements or if I
>misrepresented the current state of our discussion.
>We can then discuss this topic further during this wednesday's call. For
>the explicit/explicit discussion, I will send a separate mail.
>
>
>Regards,
>matthias
>
>
>
>
>
>
>
>
>

Confidentiality Notice: The contents of this e-mail (including any attachments) may be confidential to the intended recipient, and may contain information that is privileged and/or exempt from disclosure under applicable law. If you are not the intended recipient, please immediately notify the sender and destroy the original e-mail and any attachments (and any copies that may have been made) from your system or otherwise. Any unauthorized use, copying, disclosure or distribution of this information is strictly prohibited. <ACL>

Received on Monday, 14 May 2012 15:43:39 UTC