tracking-ISSUE-149: Compliance section for user agents [Tracking Definitions and Compliance] from Tracking Protection Working Group Issue Tracker on 2012-05-30 (public-tracking@w3.org from May 2012)

From: Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Wed, 30 May 2012 02:38:56 +0000
To: public-tracking@w3.org
Message-Id: <E1SZYoK-0001VF-2D@tibor.w3.org>

tracking-ISSUE-149: Compliance section for user agents [Tracking Definitions and Compliance]

http://www.w3.org/2011/tracking-protection/track/issues/149

Raised by: Aleecia McDonald
On product: Tracking Definitions and Compliance

We have some related sub-issues we may need to break out, or perhaps we can do this as one. We will talk as a group to see which of the itemized points below are things we wish to take on. I expect we will need to create a new section in the Compliance document specifically about user agents.

First, and a motivating factor underlying other issues, we have the example of the AVG anti-spyware package enabling DNT:1 for new users who purchase their product. As a group, we have discussed the idea that users must be making some choice for privacy -- perhaps via slider, or by downloading MyPrivateWebBrowser, or something -- in order for them to send DNT:1. Reasonable people who were part of those discussions are disagreeing as to whether installing AVG counts as a decision for privacy, or not. This is problematic. Whatever decision we make as a group, we need to (a) be clear about it ourselves so we can (b) write it down clearly for others.

Second, due to multiple addons that support Do Not Track, there could be conflicts. For example, a user could turn off DNT (not unset, actually off, sending DNT:0) in Firefox, yet install Abine's "Do Not Track Plus" addon (which sends DNT:1). More fun, users could have three different addons, each with a different value. Do we have either best practices or requirements for user agents here?

Third, while we have documented DNT as being on / off / unset, do we want to write that as a requirement for user agents? User interface is out of scope by charter, but we could require user agents to offer all three options. Currently we only state all three are possible values (which we do document well.)

Finally, we have issue-143 against the TPE document that is at least somewhat a compliance issue as well, around informed consent and browser choices. This is tied into many of the issues above. We may wish to add a new issue, or move issue-143 to a compliance issue for the time being, or neither.

Received on Wednesday, 30 May 2012 02:38:58 UTC