Privacy/TPWG/Proposals on Disregard signal

Please see ISSUE-197 for the discussion.

Current text in the TPE Editors' draft

5.2.8 Disregarding (D)
A tracking status value of D means that the origin server is unable or unwilling to respect a tracking preference received from the requesting user agent. An origin server that sends this tracking status value must detail within the server's corresponding privacy policy the conditions under which a tracking preference might be disregarded.
For example, an origin server might disregard the DNT field received from specific user agents (or via specific network intermediaries) that are deemed to be non-conforming, might be collecting additional data from specific source network locations due to prior security incidents, or might be compelled to disregard certain DNT requests to comply with a local law, regulation, or order.
Note that the D tracking status value is meant to be used only in situations that can be adequately described to users as an exception to normal behavior. An origin server that responds with D in ways that are inconsistent with their other published and unexpired claims regarding tracking is likely to be considered misleading.

Proposal 1 - Remove third paragraph

By David Wainberg via email on December 11, 2013:

Delete the following sentence from the third paragraph: “Note that the D tracking status value is meant to be used only in situations that can be adequately described to users as an exception to normal behavior.”

Proposal 2

By David Singer via email on December 20 as an alternative to the third paragraph:

"Note: This specification was written assuming that the D tracking status value would be used only in situations that can be adequately described to users as an exception to normal behavior. If this turns out not to be the case, either the logic that is leading to the D signal may need re-examination, or this specification, or both."

Proposal 3: Prohibit judgement of headers beyond syntax

Proposal from Walter van Holst, updated December 18:

Replace existing paragraphs with:

In light of the fact that it is fundamentally impossible to validate any HTTP-headers beyond their syntax, nothing in this TPE MUST be interpreted as judgement of the validity of a DNT signal, regardless of its content, beyond the extent to which it adheres to the syntax of this TPE. Any calls beyond that MUST be left to the applicable compliance regime.