Privacy/TPWG/Proposals on Disregard signal
Please see ISSUE-197 for the discussion.
Current text in the TPE Editors' draft
- 5.2.8 Disregarding (D)
- For example, an origin server might disregard the DNT field received from specific user agents (or via specific network intermediaries) that are deemed to be non-conforming, might be collecting additional data from specific source network locations due to prior security incidents, or might be compelled to disregard certain DNT requests to comply with a local law, regulation, or order.
- Note that the D tracking status value is meant to be used only in situations that can be adequately described to users as an exception to normal behavior. An origin server that responds with D in ways that are inconsistent with their other published and unexpired claims regarding tracking is likely to be considered misleading.
Proposal 1 - Remove third paragraph
By David Wainberg via email on December 11, 2013:
- Delete the following sentence from the third paragraph “Note that the D tracking status value is meant to be used only in situations that can be adequately described to users as an exception to normal behavior.”
By David Singer via email on December 20 as an alternative to the third paragraph:
- "Note: This specification was written assuming that the D tracking status value would be used only in situations that can be adequately described to users as an exception to normal behavior. If this turns out not to be the case, either the logic that is leading to the D signal may need re-examination, or this specification, or both."
Proposal 3: Prohibit judgement of headers beyond syntax
Proposal from Walter van Holst, updated December 18:
Replace existing paragraphs with:
- In light of the fact that it is fundamentally impossible to validate any HTTP-headers beyond their syntax, nothing in this TPE MUST be interpreted as judgement of the validity of a DNT signal, regardless of its content, beyond the extent to which it adheres to the syntax of this TPE. Any calls beyond that MUST be left to the applicable compliance regime.