tracking-dnt-LCWD.txt   tracking-dnt-20141217.txt 
W3C W3C
Tracking Preference Expression (DNT) Tracking Preference Expression (DNT)
W3C Last Call Working Draft 24 April 2014 W3C Editor's Draft 17 December 2014
This version: This version:
http://www.w3.org/TR/2014/WD-tracking-dnt-20140424/ http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html
Latest published version: Latest published version:
http://www.w3.org/TR/tracking-dnt/ http://www.w3.org/TR/tracking-dnt/
Latest editor's draft: Latest editor's draft:
http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html
Previous version:
http://www.w3.org/TR/2014/WD-tracking-dnt-20140128/
Editors: Editors:
Roy T. Fielding, Adobe Roy T. Fielding, Adobe
David Singer, Apple David Singer, Apple
Copyright (c) 2014 W3C(R) (MIT, ERCIM, Keio, Beihang), All Rights Copyright (c) 2014 W3C(R) (MIT, ERCIM, Keio, Beihang), All Rights
Reserved. W3C liability, trademark and document use rules apply. Reserved. W3C liability, trademark and document use rules apply.
---------------------------------------------------------------------- ----------------------------------------------------------------------
Abstract Abstract
This specification defines the DNT request header field as an HTTP This specification defines the DNT request header field as an HTTP
skipping to change at line 45 skipping to change at line 42
honor a received preference through use of the Tk response header field honor a received preference through use of the Tk response header field
and well-known resources that provide a machine-readable tracking status. and well-known resources that provide a machine-readable tracking status.
Status of This Document Status of This Document
This section describes the status of this document at the time of its This section describes the status of this document at the time of its
publication. Other documents may supersede this document. A list of publication. Other documents may supersede this document. A list of
current W3C publications and the latest revision of this technical report current W3C publications and the latest revision of this technical report
can be found in the W3C technical reports index at http://www.w3.org/TR/. can be found in the W3C technical reports index at http://www.w3.org/TR/.
This document was published by the Tracking Protection Working Group as a This document is an editors' straw man reflecting a snapshot of live
Last Call Working Draft on 24 April 2014. This document is intended to discussions within the Tracking Protection Working Group. It does not yet
become a W3C Recommendation. If you wish to make comments regarding this capture all of our work and does not constitute working group consensus.
document, please send them to public-tracking-comments@w3.org (subscribe, Text in option boxes (highlighted with light blue background color)
archives). All comments are publicly archived; if you have not used W3C present options that the group is currently considering, particularly
mailing lists in the past, you will need to approve archiving where consensus is known to be lacking, and should be read as a set of
(instructions are sent via email auto-reply) before your comments will be proposals rather than as limitations on the potential outcome. An issue
distributed. The Last Call period ends 18 June 2014. All comments are tracking system is available for recording raised, open, pending review,
welcome. closed, and postponed issues regarding this document.
The Tracking Protection Working Group invites broad community review,
especially of technical requirements and dependencies. Reviewers are
encouraged to comment on the extent to which technical requirements of the
group's charter have been met and how significant dependencies with groups
inside and outside W3C have been satisfied. The Working Group will
evaluate all comments received and determine whether or how the
specification needs to be modified in light of the comments. Comments will
be most useful in identifying technical problems with the TPE that might
inhibit adoption, or where the TPE fails to further goals of user privacy
and user control, and whether the TPE creates or does not otherwise
resolve dependencies with other technical standards, practices, or
processes. The Chairs of the Working Group will issue written responses to
all comments received.
Of note, this document does not define site behavior for complying with a
user's expressed tracking preference, but does provide sites with a
mechanism for indicating compliance. The Tracking Compliance and Scope
[TCS] specification which standardizes how sites should respond to Do Not
Track requests, including what information may be collected for limited
permitted uses despite a Do Not Track signal, is under discussion. The
Tracking Protection Working Group expects that specification to proceed to
Last Call in the summer of 2014. Both specifications are currently
scheduled to go to Candidate Recommendation in December 2014.
Readers may review changes from the previous Working Draft; in particular, This document was published by the Tracking Protection Working Group as an
recent changes include: updated definitions, revised requirements on Editor's Draft. If you wish to make comments regarding this document,
determining a user preference, and a media type. An issue tracking system please send them to public-tracking@w3.org (subscribe, archives). All
is available for recording issues regarding this document and their comments are welcome.
resolutions.
Publication as a Last Call Working Draft does not imply endorsement by the Publication as an Editor's Draft does not imply endorsement by the W3C
W3C Membership. This is a draft document and may be updated, replaced or Membership. This is a draft document and may be updated, replaced or
obsoleted by other documents at any time. It is inappropriate to cite this obsoleted by other documents at any time. It is inappropriate to cite this
document as other than work in progress. document as other than work in progress.
This is a Last Call Working Draft and thus the Working Group has
determined that this document has satisfied the relevant technical
requirements and is sufficiently stable to advance through the Technical
Recommendation process.
This document was produced by a group operating under the 5 February 2004 This document was produced by a group operating under the 5 February 2004
W3C Patent Policy. W3C maintains a public list of any patent disclosures W3C Patent Policy. W3C maintains a public list of any patent disclosures
made in connection with the deliverables of the group; that page also made in connection with the deliverables of the group; that page also
includes instructions for disclosing a patent. An individual who has includes instructions for disclosing a patent. An individual who has
actual knowledge of a patent which the individual believes contains actual knowledge of a patent which the individual believes contains
Essential Claim(s) must disclose the information in accordance with Essential Claim(s) must disclose the information in accordance with
section 6 of the W3C Patent Policy. section 6 of the W3C Patent Policy.
This document is governed by the 1 August 2014 W3C Process Document.
Table of Contents Table of Contents
* 1. Introduction * 1. Introduction
* 2. Terminology * 2. Terminology
* 3. Notational Conventions * 3. Notational Conventions
* 3.1 Requirements * 3.1 Requirements
* 3.2 Formal Syntax * 3.2 Formal Syntax
* 4. Determining User Preference * 4. Determining User Preference
* 5. Expressing a Tracking Preference * 5. Expressing a Tracking Preference
* 5.1 Expression Format * 5.1 Expression Format
* 5.2 DNT Header Field for HTTP Requests * 5.2 DNT Header Field for HTTP Requests
* 5.3 JavaScript Property to Detect Preference * 5.3 JavaScript Property to Detect Preference
* 5.4 Tracking Preference Expressed in Other Protocols * 5.4 Tracking Preference Expressed in Other Protocols
* 6. Communicating a Tracking Status * 6. Communicating a Tracking Status
* 6.1 Overview * 6.1 Overview
* 6.2 Tracking Status Value * 6.2 Tracking Status Value
* 6.2.1 Definition * 6.2.1 Definition
* 6.2.2 Under Construction (!) * 6.2.2 Under Construction (!)
* 6.2.3 Dynamic (?) * 6.2.3 Dynamic (?)
* 6.2.4 Not Tracking (N) * 6.2.4 Gateway (G)
* 6.2.5 Tracking (T) * 6.2.5 Not Tracking (N)
* 6.2.6 Consent (C) * 6.2.6 Tracking (T)
* 6.2.7 Potential Consent (P) * 6.2.7 Consent (C)
* 6.2.8 Disregarding (D) * 6.2.8 Potential Consent (P)
* 6.2.9 Updated (U) * 6.2.9 Disregarding (D)
* 6.2.10 Updated (U)
* 6.3 Tk Header Field for HTTP Responses * 6.3 Tk Header Field for HTTP Responses
* 6.3.1 Definition * 6.3.1 Definition
* 6.3.2 Referring to a Request-specific Tracking Status * 6.3.2 Referring to a Request-specific Tracking Status
Resource Resource
* 6.3.3 Indicating an Interactive Status Change * 6.3.3 Indicating an Interactive Status Change
* 6.4 Tracking Status Resource * 6.4 Tracking Status Resource
* 6.4.1 Site-wide Tracking Status * 6.4.1 Site-wide Tracking Status
* 6.4.2 Request-specific Tracking Status * 6.4.2 Request-specific Tracking Status
* 6.4.3 Status Checks are Not Tracked * 6.4.3 Status Checks are Not Tracked
* 6.4.4 Caching * 6.4.4 Caching
skipping to change at line 219 skipping to change at line 189
Users need a mechanism to express their own preferences regarding tracking Users need a mechanism to express their own preferences regarding tracking
that is both simple to configure and efficient when implemented. However, that is both simple to configure and efficient when implemented. However,
merely expressing a preference does not imply that all recipients will be merely expressing a preference does not imply that all recipients will be
able to comply. In some cases, a server might be dependent on some forms able to comply. In some cases, a server might be dependent on some forms
of tracking and is unwilling or unable to turn that off. In other cases, a of tracking and is unwilling or unable to turn that off. In other cases, a
server might perform only limited forms of tracking that would be server might perform only limited forms of tracking that would be
acceptable to most users. Servers need mechanisms for communicating their acceptable to most users. Servers need mechanisms for communicating their
tracking behavior and for storing user-granted exceptions after the user tracking behavior and for storing user-granted exceptions after the user
has made an informed choice. has made an informed choice.
This specification defines Hypertext Transfer Protocol [HTTP] elements for This specification extends Hypertext Transfer Protocol (HTTP) semantics
communicating the user's tracking preference (if any) and communicating [RFC7231] to communicate a user's tracking preference, if any, and an
the server's tracking behavior (if any). The DNT request header field is origin server's tracking behavior. The DNT request header field is defined
defined for communicating the user's tracking preference for the request for communicating the user's tracking preference for the request target. A
target. A well-known URI for a tracking status resource and the Tk well-known URI for a tracking status resource and the Tk response header
response header field are defined for communicating the server's tracking field are defined for communicating the server's tracking behavior. In
behavior. In addition, JavaScript APIs are defined for enabling scripts to addition, JavaScript APIs are defined for enabling scripts to determine
determine DNT status and register a user-granted exception. DNT status and register a user-granted exception.
This specification does not define requirements on what a recipient needs This specification does not define requirements on what a recipient needs
to do to comply with a user's expressed tracking preference, except for to do to comply with a user's expressed tracking preference, except for
the means by which such compliance is communicated. Instead, the tracking the means by which such compliance is communicated. Instead, the tracking
status provides the ability to identify a set of compliance regimes to status provides the ability to identify a set of compliance regimes to
which the server claims to comply, with the assumption being that each which the server claims to comply, with the assumption being that each
regime defines its own requirements on compliant behavior. For example, regime defines its own requirements on compliant behavior. For example,
[TCS] is a work-in-progress that intends to define such a compliance [TCS] is a work-in-progress that intends to define such a compliance
regime. regime.
skipping to change at line 248 skipping to change at line 218
Tracking is the collection of data regarding a particular user's activity Tracking is the collection of data regarding a particular user's activity
across multiple distinct contexts and the retention, use, or sharing of across multiple distinct contexts and the retention, use, or sharing of
data derived from that activity outside the context in which it occurred. data derived from that activity outside the context in which it occurred.
A context is a set of resources that are controlled by the same party or A context is a set of resources that are controlled by the same party or
jointly controlled by a set of parties. jointly controlled by a set of parties.
A user is a natural person who is making, or has made, use of the Web. A user is a natural person who is making, or has made, use of the Web.
A user agent is any of the various client programs capable of initiating A user agent is any of the various client programs capable of initiating
HTTP requests [HTTP], including (but not limited to) browsers, spiders HTTP requests, including (but not limited to) browsers, spiders (web-based
(web-based robots), command-line tools, custom applications, and mobile robots), command-line tools, custom applications, and mobile apps
apps. [RFC7230].
A network interaction is a single HTTP request and its corresponding A network interaction is a single HTTP request and its corresponding
response(s): zero or more interim (1xx) responses and a single final response(s): zero or more interim (1xx) responses and a single final
(2xx-5xx) response. (2xx-5xx) response.
A user action is a deliberate action by the user, via configuration, A user action is a deliberate action by the user, via configuration,
invocation, or selection, to initiate a network interaction. Selection of invocation, or selection, to initiate a network interaction. Selection of
a link, submission of a form, and reloading a page are examples of user a link, submission of a form, and reloading a page are examples of user
actions. User activity is any set of such user actions. actions. User activity is any set of such user actions.
skipping to change at line 310 skipping to change at line 280
3. Notational Conventions 3. Notational Conventions
3.1 Requirements 3.1 Requirements
The key words must, must not, required, should, should not, recommended, The key words must, must not, required, should, should not, recommended,
may, and optional in this specification are to be interpreted as described may, and optional in this specification are to be interpreted as described
in [RFC2119]. in [RFC2119].
3.2 Formal Syntax 3.2 Formal Syntax
This specification uses Augmented Backus-Naur Form [ABNF] to define This specification uses the Augmented Backus-Naur Form (ABNF) notation of
network protocol syntax and WebIDL [WEBIDL] for defining scripting APIs. [RFC5234] to define network protocol syntax and WebIDL [WEBIDL] to define
scripting APIs. Conformance criteria and considerations regarding error
handling are defined in Section 2.5 of [RFC7230].
4. Determining User Preference 4. Determining User Preference
The goal of this protocol is to allow a user to express their personal The goal of this protocol is to allow a user to express their personal
preference regarding tracking to each server and web application that they preference regarding tracking to each server and web application that they
communicate with via HTTP, thereby allowing recipients of that preference communicate with via HTTP, thereby allowing recipients of that preference
to adjust tracking behavior accordingly or to reach a separate agreement to adjust tracking behavior accordingly or to reach a separate agreement
with the user that satisfies all parties. with the user that satisfies all parties.
Key to that notion of expression is that the signal sent MUST reflect the Key to that notion of expression is that the signal sent MUST reflect the
skipping to change at line 433 skipping to change at line 405
appropriate for the given user, particularly when considered in light of appropriate for the given user, particularly when considered in light of
the user's privacy expectations and cultural circumstances. Likewise, the user's privacy expectations and cultural circumstances. Likewise,
servers might make use of other preference information outside the scope servers might make use of other preference information outside the scope
of this protocol, such as site-specific user preferences or third-party of this protocol, such as site-specific user preferences or third-party
registration services, to inform or adjust their behavior when no explicit registration services, to inform or adjust their behavior when no explicit
preference is expressed via this protocol. preference is expressed via this protocol.
5.2 DNT Header Field for HTTP Requests 5.2 DNT Header Field for HTTP Requests
The DNT header field is a mechanism for expressing the user's tracking The DNT header field is a mechanism for expressing the user's tracking
preference in an HTTP request [HTTP]. preference in an HTTP request ([RFC7230]).
DNT-field-name = "DNT" DNT-field-name = "DNT"
DNT-field-value = ( "0" / "1" ) *DNT-extension DNT-field-value = ( "0" / "1" ) *DNT-extension
A user agent MUST NOT generate a DNT header field if the user's tracking A user agent MUST NOT generate a DNT header field if the user's tracking
preference is not enabled. preference is not enabled.
A user agent MUST generate a DNT header field with a field-value that A user agent MUST generate a DNT header field with a field-value that
begins with the numeric character "1" (%x31) if the user's tracking begins with the numeric character "1" if the user's tracking preference is
preference is enabled, their preference is for DNT:1, and no exception has enabled, their preference is for DNT:1, and no exception has been granted
been granted for the request target (see section 7. User-Granted for the request target (see section 7. User-Granted Exceptions).
Exceptions).
A user agent MUST generate a DNT header field with a field-value that A user agent MUST generate a DNT header field with a field-value that
begins with the numeric character "0" (%x30) if the user's tracking begins with the numeric character "0" if the user's tracking preference is
preference is enabled and their preference is for DNT:0, or if an enabled and their preference is for DNT:0, or if an exception has been
exception has been granted for the request target. granted for the request target.
A proxy MUST NOT generate a DNT header field unless it has been A proxy MUST NOT generate a DNT header field unless it has been
specifically installed or configured to do so by the user making the specifically installed or configured to do so by the user making the
request and adheres to the above requirements as if it were a user agent. request and adheres to the above requirements as if it were a user agent.
Example 1 Example 1
GET /something/here HTTP/1.1 GET /something/here HTTP/1.1
Host: example.com Host: example.com
DNT: 1 DNT: 1
skipping to change at line 488 skipping to change at line 459
User agents that do not implement DNT extensions MUST NOT send User agents that do not implement DNT extensions MUST NOT send
DNT-extension characters in the DNT field-value. Servers that do not DNT-extension characters in the DNT field-value. Servers that do not
implement DNT extensions SHOULD ignore anything beyond the first implement DNT extensions SHOULD ignore anything beyond the first
character. character.
Note Note
The extension syntax is restricted to visible ASCII characters that can be The extension syntax is restricted to visible ASCII characters that can be
parsed as a single word in HTTP and safely embedded in a JSON string parsed as a single word in HTTP and safely embedded in a JSON string
without further encoding (section 6.5 Tracking Status Representation). At without further encoding (section 6.5 Tracking Status Representation). At
most one DNT header field can be present in a valid request [HTTP]. most one DNT header field can be present in a valid request [RFC7230].
5.3 JavaScript Property to Detect Preference 5.3 JavaScript Property to Detect Preference
The doNotTrack property enables a client-side script with read access to The doNotTrack property enables a client-side script with read access to
the Window object to determine what DNT header field value would be sent the Navigator object to determine what DNT header field value would be
in requests to the document-origin, taking into account the user's general sent in requests to the document-origin, taking into account the user's
preference (if any) and any user-granted exceptions applicable to that general preference (if any) and any user-granted exceptions applicable to
origin server. that origin server.
partial interface Window { partial interface Navigator {
readonly attribute DOMString doNotTrack; readonly attribute DOMString? doNotTrack;
}; };
doNotTrack of type DOMString, readonly doNotTrack of type DOMString, readonly , nullable
Returns the same string value that would be sent in a Returns the same string value that would be sent in a
DNT-field-value (section 5.2 DNT Header Field for HTTP Requests) DNT-field-value (section 5.2 DNT Header Field for HTTP Requests)
to a target that is the document-origin of the window, in the to a target that is the document-origin of the window, in the
browser context of the current top-level origin. The value is null browser context of the current top-level origin. The value is null
if no DNT header field would be sent (e.g., because a tracking if no DNT header field would be sent (e.g., because a tracking
preference is not enabled). preference is not enabled).
Note
Note that the value includes not only the "0" or "1", but also any
DNT-extension; if no DNT header is sent, the return value is null, not an
empty string (which would indicate that a header is sent with no
DNT-field-value).
5.4 Tracking Preference Expressed in Other Protocols 5.4 Tracking Preference Expressed in Other Protocols
A user's tracking preference is intended to apply in general, regardless A user's tracking preference is intended to apply in general, regardless
of the protocols being used for Internet communication. However, it is of the protocols being used for Internet communication. However, it is
beyond the scope of this specification to define how a user's tracking beyond the scope of this specification to define how a user's tracking
preference might be communicated via protocols other than HTTP. preference might be communicated via protocols other than HTTP.
6. Communicating a Tracking Status 6. Communicating a Tracking Status
6.1 Overview 6.1 Overview
skipping to change at line 545 skipping to change at line 523
resource is any resource on the same origin server. For a Tk response resource is any resource on the same origin server. For a Tk response
header field, the target resource of the corresponding request is the header field, the target resource of the corresponding request is the
designated resource, and remains so for any subsequent request-specific designated resource, and remains so for any subsequent request-specific
tracking status resource referred to by the Tk field value. tracking status resource referred to by the Tk field value.
The tracking status value is case sensitive, as defined formally by the The tracking status value is case sensitive, as defined formally by the
following ABNF. following ABNF.
TSV = %x21 ; "!" - under construction TSV = %x21 ; "!" - under construction
/ %x3F ; "?" - dynamic / %x3F ; "?" - dynamic
/ %x47 ; "G" - gateway to multiple parties
/ %x4E ; "N" - not tracking / %x4E ; "N" - not tracking
/ %x54 ; "T" - tracking / %x54 ; "T" - tracking
/ %x43 ; "C" - tracking with consent / %x43 ; "C" - tracking with consent
/ %x50 ; "P" - tracking only if consented / %x50 ; "P" - tracking only if consented
/ %x44 ; "D" - disregarding DNT / %x44 ; "D" - disregarding DNT
/ %x55 ; "U" - updated / %x55 ; "U" - updated
6.2.2 Under Construction (!) 6.2.2 Under Construction (!)
skipping to change at line 576 skipping to change at line 555
information to determine tracking status, usually because the designated information to determine tracking status, usually because the designated
resource dynamically adjusts behavior based on information in a request. resource dynamically adjusts behavior based on information in a request.
If ? is present in the site-wide tracking status, the origin server MUST If ? is present in the site-wide tracking status, the origin server MUST
send a Tk header field in all responses to requests on the designated send a Tk header field in all responses to requests on the designated
resource. If ? is present in the Tk header field, more information will be resource. If ? is present in the Tk header field, more information will be
provided in a request-specific tracking status resource referred to by the provided in a request-specific tracking status resource referred to by the
status-id. An origin server MUST NOT send ? as the tracking status value status-id. An origin server MUST NOT send ? as the tracking status value
in the representation of a request-specific tracking status resource. in the representation of a request-specific tracking status resource.
6.2.4 Not Tracking (N) 6.2.4 Gateway (G)
A tracking status value of G means the server is acting as a gateway to an
exchange involving multiple parties. This might occur if a response to the
designated resource involves an automated selection process, such as
dynamic bidding, where the party that is selected determines how the
request data will be treated with respect to an expressed tracking
preference. Similar to the ? value, the G TSV indicates that the actual
tracking status is dynamic and will be provided in the response message's
Tk header field, presumably using information forwarded from the selected
party.
This tracking status value is only valid as a site-wide status. A server
MUST NOT send G as the tracking status value in a Tk header field or
within the representation of a request-specific tracking status resource.
If G is present in the site-wide tracking status:
* the gateway MUST send a link within its site-wide tracking status
representation to a privacy policy that explains what limitations are
placed on parties that might receive data via that gateway;
* the gateway MUST forward any expressed tracking preference in the
request to each party that receives data from that request;
* the gateway MUST have a contract in place with each of the parties to
whom it provides request data such that only the selected party is
allowed to retain tracking data from a request with an expressed
tracking preference of DNT:1; and,
* the gateway MUST send a Tk header field in responses to requests on
the designated resource and include within that field's value a
status-id specific to the selected party, such that information about
the selected party can be obtained via the request-specific tracking
status resource (see section 6.4.2 Request-specific Tracking Status).
With respect to tracking performed by the gateway itself, the G response
can be considered equivalent to the T (tracking) response defined below.
The other information within the site-wide tracking status representation
indicates how the gateway intends to comply with an expressed tracking
preference, aside from the potential sharing of data implied by the
gateway process.
6.2.5 Not Tracking (N)
A tracking status value of N means the origin server claims that data A tracking status value of N means the origin server claims that data
collected via the designated resource is not used for tracking and will collected via the designated resource is not used for tracking and will
not be combined with other data in a form that would enable tracking. not be combined with other data in a form that would enable tracking.
6.2.5 Tracking (T) 6.2.6 Tracking (T)
A tracking status value of T means the origin server might perform or A tracking status value of T means the origin server might perform or
enable tracking using data collected via the designated resource. enable tracking using data collected via the designated resource.
Information provided in the tracking status representation might indicate Information provided in the tracking status representation might indicate
whether such tracking is limited to a set of commonly accepted uses or whether such tracking is limited to a set of commonly accepted uses or
adheres to one or more compliance regimes. adheres to one or more compliance regimes.
6.2.6 Consent (C) 6.2.7 Consent (C)
A tracking status value of C means that the origin server believes it has A tracking status value of C means that the origin server believes it has
received prior consent for tracking this user, user agent, or device, received prior consent for tracking this user, user agent, or device,
perhaps via some mechanism not defined by this specification, and that perhaps via some mechanism not defined by this specification, and that
prior consent overrides the tracking preference expressed by this prior consent overrides the tracking preference expressed by this
protocol. An origin server that sends the C tracking status value for a protocol. An origin server that sends the C tracking status value for a
designated resource MUST provide a reference for controlling consent designated resource MUST provide a reference for controlling consent
within the config property of its corresponding tracking status within the config property of its corresponding tracking status
representation (section 6.5 Tracking Status Representation). representation (section 6.5 Tracking Status Representation).
6.2.7 Potential Consent (P) 6.2.8 Potential Consent (P)
A tracking status value of P means that the origin server does not know, A tracking status value of P means that the origin server does not know,
in real-time, whether it has received prior consent for tracking this in real-time, whether it has received prior consent for tracking this
user, user agent, or device, but promises not to use or share any DNT:1 user, user agent, or device, but promises not to use or share any DNT:1
data until such consent has been determined, and further promises to data until such consent has been determined, and further promises to
delete or de-identify within forty-eight hours any DNT:1 data received for delete or de-identify within forty-eight hours any DNT:1 data received for
which such consent has not been received. which such consent has not been received.
Since this status value does not itself indicate whether a specific Since this status value does not itself indicate whether a specific
request is tracked, an origin server that sends a P tracking status value request is tracked, an origin server that sends a P tracking status value
skipping to change at line 623 skipping to change at line 642
representation that links to a resource for obtaining consent status. representation that links to a resource for obtaining consent status.
The P tracking status value is specifically meant to address audience The P tracking status value is specifically meant to address audience
survey systems for which determining consent at the time of a request is survey systems for which determining consent at the time of a request is
either impractical, due to legacy systems not being able to keep up with either impractical, due to legacy systems not being able to keep up with
Web traffic, or potentially "gamed" by first party sites if they can Web traffic, or potentially "gamed" by first party sites if they can
determine which of their users have consented. The data cannot be used for determine which of their users have consented. The data cannot be used for
the sake of personalization. If consent can be determined at the time of a the sake of personalization. If consent can be determined at the time of a
request, the C tracking status is preferred. request, the C tracking status is preferred.
6.2.8 Disregarding (D) 6.2.9 Disregarding (D)
A tracking status value of D means that the origin server is unable or A tracking status value of D means that the origin server is unable or
unwilling to respect a tracking preference received from the requesting unwilling to respect a tracking preference received from the requesting
user agent. An origin server that sends the D tracking status value MUST user agent. An origin server that sends the D tracking status value MUST
detail within the server's corresponding privacy policy the conditions detail within the server's corresponding privacy policy the conditions
under which a tracking preference might be disregarded. under which a tracking preference might be disregarded.
For example, an origin server might disregard the DNT field received from For example, an origin server might disregard the DNT field received from
specific user agents (or via specific network intermediaries) that are specific user agents (or via specific network intermediaries) that are
deemed to be non-conforming, might be collecting additional data from deemed to be non-conforming, might be collecting additional data from
skipping to change at line 646 skipping to change at line 665
local law, regulation, or order. local law, regulation, or order.
Note Note
This specification is written with an assumption that the D tracking This specification is written with an assumption that the D tracking
status value would only be used in situations that can be adequately status value would only be used in situations that can be adequately
described to users as an exception to normal behavior. If this turns out described to users as an exception to normal behavior. If this turns out
not to be the case, either the server's decision to send the D signal not to be the case, either the server's decision to send the D signal
needs re-examination, or this specification, or both. needs re-examination, or this specification, or both.
6.2.9 Updated (U) 6.2.10 Updated (U)
A tracking status value of U means that the request resulted in a A tracking status value of U means that the request resulted in a
potential change to the tracking status applicable to this user, user potential change to the tracking status applicable to this user, user
agent, or device. A user agent that relies on a cached tracking status agent, or device. A user agent that relies on a cached tracking status
SHOULD update the cache entry with the current status by making a new SHOULD update the cache entry with the current status by making a new
request on the applicable tracking status resource. request on the applicable tracking status resource.
An origin server MUST NOT send U as a tracking status value anywhere other An origin server MUST NOT send U as a tracking status value anywhere other
than a Tk header field that is in response to a state-changing request. than a Tk header field that is in response to a state-changing request.
6.3 Tk Header Field for HTTP Responses 6.3 Tk Header Field for HTTP Responses
6.3.1 Definition 6.3.1 Definition
The Tk response header field is hereby defined as an OPTIONAL means for The Tk response header field is a means for indicating the tracking status
indicating the tracking status that applied to the corresponding request that applied to the corresponding request. An origin server is REQUIRED to
and as a REQUIRED means for indicating that a state-changing request has send a Tk header field if its site-wide tracking status value is ?
resulted in an interactive change to the tracking status. (dynamic) or G (gateway), or when an interactive change is made to the
tracking status and indicated by U (updated).
Tk-field-name = "Tk" Tk-field-name = "Tk"
Tk-field-value = TSV [ ";" status-id ] Tk-field-value = TSV [ ";" status-id ]
The Tk field-value begins with a tracking status value (section 6.2 The Tk field-value begins with a tracking status value (section 6.2
Tracking Status Value), optionally followed by a semicolon and a status-id Tracking Status Value), optionally followed by a semicolon and a status-id
that refers to a request-specific tracking status resource (section 6.3.2 that refers to a request-specific tracking status resource (section 6.3.2
Referring to a Request-specific Tracking Status Resource). Referring to a Request-specific Tracking Status Resource).
skipping to change at line 687 skipping to change at line 707
Example 2 Example 2
Tk: N Tk: N
6.3.2 Referring to a Request-specific Tracking Status Resource 6.3.2 Referring to a Request-specific Tracking Status Resource
If an origin server has multiple, request-specific tracking policies, such If an origin server has multiple, request-specific tracking policies, such
that the tracking status might differ depending on some aspect of the that the tracking status might differ depending on some aspect of the
request (e.g., method, target URI, header fields, data, etc.), the origin request (e.g., method, target URI, header fields, data, etc.), the origin
server MAY provide an additional subtree of well-known resources server can provide an additional subtree of well-known resources
corresponding to each of those distinct tracking statuses. The OPTIONAL corresponding to each of those distinct tracking statuses. The status-id
status-id portion of the Tk field-value indicates which specific tracking portion of the Tk field-value indicates which specific tracking status
status resource applies to the current request. resource applies to the current request. The status-id is case-sensitive.
status-id = 1*id-char status-id = 1*id-char
id-char = ALPHA / DIGIT / "_" / "-" / "+" / "=" / "/" id-char = ALPHA / DIGIT / "_" / "-" / "+" / "=" / "/"
For example, a response containing For example, a response containing
Example 3 Example 3
Tk: T;fRx42 Tk: T;fRx42
indicates that data collected via the target resource might be used for indicates that data collected via the target resource might be used for
tracking and that an applicable tracking status representation can be tracking and that an applicable tracking status representation can be
obtained by performing a retrieval request on obtained by performing a retrieval request on
/.well-known/dnt/fRx42 /.well-known/dnt/fRx42
If a Tk field-value has a tracking status value of ? (dynamic), then the Note that the status-id is resolved relative to the origin server of the
origin server MUST also send a status-id in the field-value. The status-id current request. A retrieval request targeting that URI can be redirected,
is case-sensitive. if desired, to some other server. The status-id has been intentionally
limited to a small set of characters to encourage use of short tokens
instead of potentially long, human-readable strings.
If a Tk field-value has a tracking status value of ? (dynamic), the origin
server MUST send a status-id in the field-value.
6.3.3 Indicating an Interactive Status Change 6.3.3 Indicating an Interactive Status Change
Interactive mechanisms might be used, beyond the scope of this Interactive mechanisms might be used, beyond the scope of this
specification, that have the effect of asking for and obtaining prior specification, that have the effect of asking for and obtaining prior
consent for tracking, or for modifying prior indications of consent. For consent for tracking, or for modifying prior indications of consent. For
example, the tracking status resource's status-object defines a config example, the tracking status resource's status-object defines a config
property that can refer to such a mechanism. Although such out-of-band property that can refer to such a mechanism. Although such out-of-band
mechanisms are not defined by this specification, their presence might mechanisms are not defined by this specification, their presence might
influence the tracking status object's response value. influence the tracking status object's response value.
skipping to change at line 761 skipping to change at line 786
representation can be cached, as described in section 6.4.4 Caching. representation can be cached, as described in section 6.4.4 Caching.
See section 6.7 Using the Tracking Status for examples of how tracking See section 6.7 Using the Tracking Status for examples of how tracking
status resources can be used to discover support for this protocol. status resources can be used to discover support for this protocol.
6.4.2 Request-specific Tracking Status 6.4.2 Request-specific Tracking Status
If an origin server has multiple, request-specific tracking policies, such If an origin server has multiple, request-specific tracking policies, such
that the tracking status might differ depending on some aspect of the that the tracking status might differ depending on some aspect of the
request (e.g., method, target URI, header fields, data, etc.), the origin request (e.g., method, target URI, header fields, data, etc.), the origin
server MAY provide an additional subtree of well-known resources server can provide an additional subtree of well-known resources
corresponding to each of those distinct tracking statuses. The Tk response corresponding to each of those distinct tracking statuses. The Tk response
header field (section 6.3 Tk Header Field for HTTP Responses) can include header field (section 6.3 Tk Header Field for HTTP Responses) can include
a status-id to indicate which specific tracking status resource applies to a status-id to indicate which specific tracking status resource applies to
the current request. the current request.
A tracking status resource space is defined by the following URI Template A tracking status resource space is defined by the following URI Template
[URI-TEMPLATE]: [RFC6570]:
/.well-known/dnt/{+status-id} /.well-known/dnt/{+status-id}
where the value of status-id is a string of URI-safe characters provided where the value of status-id is a string of URI-safe characters provided
by a Tk field-value in response to a prior request. For example, a prior by a Tk field-value in response to a prior request. For example, a prior
response containing response containing
Example 5 Example 5
Tk: ?;ahoy Tk: ?;ahoy
skipping to change at line 790 skipping to change at line 815
refers to the specific tracking status resource refers to the specific tracking status resource
/.well-known/dnt/ahoy /.well-known/dnt/ahoy
Resources within the request-specific tracking status resource space are Resources within the request-specific tracking status resource space are
represented using the same format as a site-wide tracking status resource. represented using the same format as a site-wide tracking status resource.
6.4.3 Status Checks are Not Tracked 6.4.3 Status Checks are Not Tracked
When sending a request for the tracking status, a user agent SHOULD When sending a request for the tracking status, a user agent SHOULD
include any cookie data [COOKIES] (set prior to the request) that would be include any cookie data [RFC6265] (set prior to the request) that would be
sent in a normal request to that origin server, since that data might be sent in a normal request to that origin server, since that data might be
needed by the server to determine the current tracking status. For needed by the server to determine the current tracking status. For
example, the cookie data might indicate a prior out-of-band decision by example, the cookie data might indicate a prior out-of-band decision by
the user to opt-out or consent to tracking by that origin server. the user to opt-out or consent to tracking by that origin server.
An origin server MUST NOT retain tracking data regarding requests on the An origin server MUST NOT retain tracking data regarding requests on the
site-wide tracking status resource or within the tracking status resource site-wide tracking status resource or within the tracking status resource
space, regardless of the presence, absence, or value of a DNT header space, regardless of the presence, absence, or value of a DNT header
field, cookies, or any other information in the request. In addition, an field, cookies, or any other information in the request. In addition, an
origin server MUST NOT send Set-Cookie or Set-Cookie2 header fields in origin server MUST NOT send Set-Cookie or Set-Cookie2 header fields in
responses to those requests, including the responses to redirected responses to those requests, including the responses to redirected
tracking status requests, and MUST NOT send a response having content that tracking status requests, and MUST NOT send a response having content that
initiates tracking beyond what was already present in the request. A user initiates tracking beyond what was already present in the request. A user
agent SHOULD ignore, or treat as an error, any Set-Cookie or Set-Cookie2 agent SHOULD ignore, or treat as an error, any Set-Cookie or Set-Cookie2
header field received in such a response. header field received in such a response.
6.4.4 Caching 6.4.4 Caching
If the tracking status is applicable to all users, regardless of the If the tracking status is applicable to all users, regardless of the
received DNT-field-value or other data received via the request, then the received DNT-field-value or other data received via the request, then the
origin server SHOULD mark the response as cacheable [HTTP-cache] and origin server SHOULD mark the response as cacheable [RFC7234] and assign a
assign a time-to-live (expiration or max-use) that is sufficient to enable time-to-live (expiration or max-use) that is sufficient to enable shared
shared caching but not greater than the earliest point at which the caching but not greater than the earliest point at which the service's
service's tracking behavior might increase. tracking behavior might increase.
For example, if the tracking status response is set to expire in seven For example, if the tracking status response is set to expire in seven
days, then the earliest point in time that the service's tracking behavior days, then the earliest point in time that the service's tracking behavior
can be increased is seven days after the tracking status representation can be increased is seven days after the tracking status representation
has been updated to reflect the new behavior, since old copies might has been updated to reflect the new behavior, since old copies might
persist in caches until the expiration is triggered. A service's tracking persist in caches until the expiration is triggered. A service's tracking
behavior can be reduced at any time, with or without a corresponding behavior can be reduced at any time, with or without a corresponding
change to the tracking status resource. change to the tracking status resource.
If the tracking status is only applicable to users that have the same If the tracking status is only applicable to users that have the same
skipping to change at line 1081 skipping to change at line 1106
6.6 Status Code for Tracking Required 6.6 Status Code for Tracking Required
If an origin server receives a request with DNT:1, does not have If an origin server receives a request with DNT:1, does not have
out-of-band consent for tracking this user, and wishes to deny access to out-of-band consent for tracking this user, and wishes to deny access to
the requested resource until the user provides some form of user-granted the requested resource until the user provides some form of user-granted
exception or consent for tracking, then the origin server SHOULD send a exception or consent for tracking, then the origin server SHOULD send a
409 (Conflict) response with a message payload that describes why the 409 (Conflict) response with a message payload that describes why the
request has been refused and how one might supply the required consent or request has been refused and how one might supply the required consent or
exception to avoid this conflict [HTTP-semantics]. exception to avoid this conflict [RFC7231].
The 409 response ought to include a user authentication mechanism in the The 409 response ought to include a user authentication mechanism in the
header fields and/or message body if user login is one of the ways through header fields and/or message body if user login is one of the ways through
which access is granted. which access is granted.
6.7 Using the Tracking Status 6.7 Using the Tracking Status
Note Note
This section is for collecting use cases that describe questions a user This section is for collecting use cases that describe questions a user
skipping to change at line 1236 skipping to change at line 1261
This section describes the effect of the APIs in terms of a logical This section describes the effect of the APIs in terms of a logical
processing model; this model describes the behavior, but is not to be read processing model; this model describes the behavior, but is not to be read
as mandating any specific implementation. as mandating any specific implementation.
This API considers exceptions which are double-keyed to two domains: the This API considers exceptions which are double-keyed to two domains: the
site, and the target. A user might - for instance - want AnalytiCo to be site, and the target. A user might - for instance - want AnalytiCo to be
allowed to track them on Example News, but not on Example Medical. To allowed to track them on Example News, but not on Example Medical. To
simplify language used in this API specification, we define three terms: simplify language used in this API specification, we define three terms:
* top-level origin is the domain name of the top-level document origin * top-level origin is a top-level browsing context as defined in [HTML5]
of this DOM: essentially the fully qualified domain name in the * A target site is the Host part of an HTTP URL as defined in [RFC3986]
address bar. * The document origin of a script is the effective script origin as
* A target site is a domain name which is the target of an HTTP request, defined in [HTML5]
and which may be an origin for embedded resources on the indicated
top-level origin.
* The document origin of a script is the domain of origin of the
document that caused that script to be loaded (not necessarily the
same as the origin of the script itself).
For instance, if the document at For instance, if the document at
http://web.exnews.com/news/story/2098373.html references the resources http://web.exnews.com/news/story/2098373.html references the resources
http://exnews.analytico.net/1x1.gif and http://exnews.analytico.net/1x1.gif and
http://widgets.exsocial.org/good-job-button.js, the top-level origin is http://widgets.exsocial.org/good-job-button.js, the top-level origin is
web.exnews.com; exnews.analytico.net and widgets.exsocial.org are both web.exnews.com; exnews.analytico.net and widgets.exsocial.org are both
targets. targets.
The domains that enter into the behavior of the APIs include: The domains that enter into the behavior of the APIs include:
skipping to change at line 1281 skipping to change at line 1301
The calls cause the following steps to occur (subject to user confirmation The calls cause the following steps to occur (subject to user confirmation
of the exception, if the user agent asks for it): of the exception, if the user agent asks for it):
* The UA adds to its local database one or more site-pair duplets * The UA adds to its local database one or more site-pair duplets
[document-origin, target]; one or other of these may be a wild-card [document-origin, target]; one or other of these may be a wild-card
("*"); ("*");
* While the user is browsing a given site (top-level origin), and a DNT * While the user is browsing a given site (top-level origin), and a DNT
header is to be sent to a target domain, if the duplet [top-level header is to be sent to a target domain, if the duplet [top-level
origin, target domain] matches any duplet in the database, then a origin, target domain] matches any duplet in the database, then a
DNT:0 header is sent, otherwise DNT:1 is sent. DNT:0 preference is sent, otherwise the user's general preference is
sent (if any).
A pair of duplets [A,B] and [X,Y] match if A matches X and B matches Y. A A pair of duplets [A,B] and [X,Y] match if A matches X and B matches Y. A
pair of values A and X match if and only if one of the following is true: pair of values A and X match if and only if one of the following is true:
* either A or X is "*"; * either A or X is "*";
* A and X are the same string; * A and X are the same string;
* A has the form '*.domain' and X is 'domain' or is of the form * A has the form '*.domain' and X is 'domain' or is of the form
'string.domain', where 'string' is any sequence of characters. 'string.domain', where 'string' is any sequence of characters.
In addition, responses to the JavaScript API indicated should be In addition, responses to the JavaScript API indicated should be
skipping to change at line 1337 skipping to change at line 1358
Parameter Type Nullable Optional Description Parameter Type Nullable Optional Description
properties StoreSiteSpecificExceptionPropertyBag * * properties StoreSiteSpecificExceptionPropertyBag * *
Return type: void Return type: void
dictionary StoreExceptionPropertyBag { dictionary StoreExceptionPropertyBag {
DOMString? domain; DOMString? domain;
DOMString? siteName; DOMString? siteName;
DOMString? explanationString; DOMString? explanationString;
DOMString? detailURI; DOMString? detailURI;
DOMString? expires;
long? maxAge;
}; };
detailURI of type DOMString, nullable detailURI of type DOMString, nullable
A location at which further information about this request can be A location at which further information about this request can be
found. found.
domain of type DOMString, nullable domain of type DOMString, nullable
Cookie-like domain string to which the exception applies. a cookie-domain as defined in [RFC6265], to which the exception
applies.
expires of type DOMString, nullable
A date and time, encoded as described for the cookie Expires
attribute described in [RFC6265], indicating the maximum lifetime
of the remembered grant.
explanationString of type DOMString, nullable explanationString of type DOMString, nullable
A short explanation of the request. A short explanation of the request.
maxAge of type long, nullable
A positive number of seconds indicating the maximum lifetime of
the remembered grant.
siteName of type DOMString, nullable siteName of type DOMString, nullable
A user-readable string for the name of the top-level origin. A user-readable string for the name of the top-level origin.
dictionary StoreSiteSpecificExceptionPropertyBag : StoreExceptionPropertyBag { dictionary StoreSiteSpecificExceptionPropertyBag : StoreExceptionPropertyBag {
sequence<DOMString> arrayOfDomainStrings; sequence<DOMString> arrayOfDomainStrings;
}; };
arrayOfDomainStrings of type sequence<DOMString> arrayOfDomainStrings of type sequence<DOMString>
A JavaScript array of strings. A JavaScript array of strings.
skipping to change at line 1401 skipping to change at line 1434
If domain is supplied and not empty then it is treated in the same way as If domain is supplied and not empty then it is treated in the same way as
the domain parameter to cookies and allows setting for subdomains. The the domain parameter to cookies and allows setting for subdomains. The
domain argument can be set to fully-qualified right-hand segment of the domain argument can be set to fully-qualified right-hand segment of the
document host name, up to one level below TLD. document host name, up to one level below TLD.
For example, www.foo.bar.example.com may set the domain parameter as as For example, www.foo.bar.example.com may set the domain parameter as as
"bar.example.com" or "example.com", but not to "bar.example.com" or "example.com", but not to
"something.else.example.com" or "com". "something.else.example.com" or "com".
If the document-origin would not be able to set a cookie on the domain If the document-origin would not be able to set a cookie on the domain
following the cookie domain rules [COOKIES] (e.g. domain is not a following the cookie domain rules [RFC6265] (e.g. domain is not a
right-hand match or is a TLD) then the duplet MUST NOT be entered into the right-hand match or is a TLD) then the duplet MUST NOT be entered into the
database and a SYNTAX_ERR exception SHOULD be thrown. database and a SYNTAX_ERR exception SHOULD be thrown.
If permission is stored for an explicit list, then the set of duplets (one If permission is stored for an explicit list, then the set of duplets (one
per target): per target):
[*.domain, target] [*.domain, target]
is added to the database of remembered grants. is added to the database of remembered grants.
If permission is stored for a site-wide exception, then the duplet: If permission is stored for a site-wide exception, then the duplet:
[*.domain, * ] [*.domain, * ]
is added to the database of remembered grants. is added to the database of remembered grants.
A particular response to the API - like a DNT response header - is only A particular response to the API - like a DNT response header - is only
valid immediately, and users may choose to edit the list of stored valid immediately, and users may choose to edit the list of stored
exceptions and revoke some or all of them. exceptions and revoke some or all of them.
If expires is supplied and not null or empty the remembered grant will be
cancelled (i.e. processed as if the relevant Cancel API had been called)
no later than the specified date and time. After this the database of
remembered grants will no longer contain any duplets for which the first
part is the current document origin; i.e., no duplets [document-origin,
target] for any target.
If maxAge is supplied and not null, empty or negative the remembered grant
will be cancelled (i.e. processed as if the relevant Cancel API had been
called) no later than the specified number of seconds following the grant.
If both maxAge and expires are supplied, maxAge has precedence. If neither
maxAge or expires are supplied, the user agent MAY retain the remembered
grant until it is cancelled.
7.4.2 API to Cancel a Site-specific Exception 7.4.2 API to Cancel a Site-specific Exception
partial interface Navigator { partial interface Navigator {
void removeSiteSpecificTrackingException (RemoveExceptionPropertyBag proper ties); void removeSiteSpecificTrackingException (RemoveExceptionPropertyBag proper ties);
}; };
removeSiteSpecificTrackingException removeSiteSpecificTrackingException
If domain is not supplied or is null or empty then this ensures If domain is not supplied or is null or empty then this ensures
that the database of remembered grants no longer contains any that the database of remembered grants no longer contains any
skipping to change at line 1454 skipping to change at line 1502
Parameter Type Nullable Optional Description Parameter Type Nullable Optional Description
properties RemoveExceptionPropertyBag * * properties RemoveExceptionPropertyBag * *
Return type: void Return type: void
dictionary RemoveExceptionPropertyBag { dictionary RemoveExceptionPropertyBag {
DOMString? domain; DOMString? domain;
}; };
domain of type DOMString, nullable domain of type DOMString, nullable
Cookie-like domain string to which the exception applies. a cookie-domain as defined in [RFC6265], to which the exception
applies.
When this method returns the database of grants no longer contains the When this method returns the database of grants no longer contains the
indicated grant(s); if some kind of processing error occurred then an indicated grant(s); if some kind of processing error occurred then an
appropriate exception will be thrown. appropriate exception will be thrown.
If there are no matching duplets in the database of remembered grants when If there are no matching duplets in the database of remembered grants when
the method is called then this operation does nothing (and does not throw the method is called then this operation does nothing (and does not throw
an exception). an exception).
7.4.3 API to Confirm a Site-specific Exception 7.4.3 API to Confirm a Site-specific Exception
skipping to change at line 1483 skipping to change at line 1532
Parameter Type Nullable Optional Description Parameter Type Nullable Optional Description
properties ConfirmSiteSpecificExceptionPropertyBag * * properties ConfirmSiteSpecificExceptionPropertyBag * *
Return type: boolean Return type: boolean
dictionary ConfirmExceptionPropertyBag { dictionary ConfirmExceptionPropertyBag {
DOMString? domain; DOMString? domain;
}; };
domain of type DOMString, nullable domain of type DOMString, nullable
Cookie-like domain string to which the exception applies. a cookie-domain as defined in [RFC6265], to which the exception
applies.
dictionary ConfirmSiteSpecificExceptionPropertyBag : ConfirmExceptionPropertyBa g { dictionary ConfirmSiteSpecificExceptionPropertyBag : ConfirmExceptionPropertyBa g {
sequence<DOMString> arrayOfDomainStrings; sequence<DOMString> arrayOfDomainStrings;
}; };
arrayOfDomainStrings of type sequence<DOMString> arrayOfDomainStrings of type sequence<DOMString>
A JavaScript array of strings. A JavaScript array of strings.
If the call does not include the arrayOfDomainStrings, then this call is If the call does not include the arrayOfDomainStrings, then this call is
to confirm a site-wide exception. Otherwise each string in to confirm a site-wide exception. Otherwise each string in
skipping to change at line 1608 skipping to change at line 1658
7.6 Transfer of an exception to another third party 7.6 Transfer of an exception to another third party
A site may request an exception for one or more third party services used A site may request an exception for one or more third party services used
in conjunction with its own offer. Those third party services may wish to in conjunction with its own offer. Those third party services may wish to
use other third parties to complete the request in a chain of use other third parties to complete the request in a chain of
interactions. The first party will not necessarily know in advance whether interactions. The first party will not necessarily know in advance whether
a known third party will use some other third parties. a known third party will use some other third parties.
If a user agent sends a tracking exception to a given combination of If a user agent sends a tracking exception to a given combination of
origin server and a named third party, the user agent will send DNT:0 to origin server and a named third party, the user agent will send DNT:0 to
that named third party. By receiving the DNT:0 header, the named third that named third party. By receiving the DNT:0 preference, the named third
party acquires the permission to track the user agent and collect the data party acquires the permission to track the user agent and collect the data
and process it in any way allowed by the legal system it is operating in. and process it in any way allowed by the legal system it is operating in.
Furthermore, the named third party receiving the DNT:0 header acquires at Furthermore, the named third party receiving the DNT:0 header acquires at
least the right to collect data and process it for the given interaction least the right to collect data and process it for the given interaction
and any other use unless it receives a DNT:1 header from that particular and any other use unless it receives a DNT:1 from that particular
identified user agent. identified user agent.
The named third party is also allowed to transmit the collected data for The named third party is also allowed to transmit the collected data for
uses related to this interaction to its own sub-services and uses related to this interaction to its own sub-services and
sub-sub-services (transitive permission). The tracking permission request sub-sub-services (transitive permission). The tracking permission request
triggered by the origin server is thus granted to the named third party triggered by the origin server is thus granted to the named third party
and its sub-services. This is even true for sub-services that would and its sub-services. This is even true for sub-services that would
normally receive a DNT:1 web-wide preference from the user agent if the normally receive a DNT:1 web-wide preference from the user agent if the
user agent interacted with this service directly. user agent interacted with this service directly.
For advertisement networks this typically would mean that the collection For advertisement networks this typically would mean that the collection
and auction system chain can use the data for that interaction and combine and auction system chain can use the data for that interaction and combine
it with existing profiles and data. The sub-services to the named third it with existing profiles and data. The sub-services to the named third
party do not acquire an independent right to process the data for party do not acquire an independent right to process the data for
independent secondary uses unless they, themselves, receive a DNT:0 header independent secondary uses unless they, themselves, receive a DNT:0
from the user agent (as a result of their own request or the request of a preference from the user agent (as a result of their own request or the
first-party). In our example of advertisement networks that means the request of a first-party). In our example of advertisement networks that
sub-services can use existing profiles in combination with the data means the sub-services can use existing profiles in combination with the
received, but they can not store the received information into a profile data received, but they can not store the received information into a
until they have received a DNT:0 of their own. profile until they have received a DNT:0 of their own.
A named third party acquiring an exception with this mechanism MUST make A named third party acquiring an exception with this mechanism MUST make
sure that sub-services it uses acknowledge this constraint by requiring sure that sub-services it uses acknowledge this constraint by requiring
the use of the appropriate tracking status value of 'C' (consent), and the the use of the appropriate tracking status value of 'C' (consent), and an
qualifier "t", from its sub-sub-services. appropriate qualifier defined by the compliance regime(s) that they
operate under that indicates this transfer; the qualifier "t"
(transferred) is suggested.
The permission acquired by the DNT mechanism does not override retention The permission acquired by the DNT mechanism does not override retention
limitations found in the legal system the content provider or the named limitations found in the legal system the content provider or the named
third party are operating in. third party are operating in.
7.7 User interface guidelines 7.7 User interface guidelines
This section is non-normative. This section is non-normative.
As described above, it is the responsibility solely of the site making the As described above, it is the responsibility solely of the site making the
skipping to change at line 1663 skipping to change at line 1715
It is expected that the site will explain, in its online content, the need It is expected that the site will explain, in its online content, the need
for an exception, and the consequences of granting or denying an for an exception, and the consequences of granting or denying an
exception, to the user. exception, to the user.
User agents are free to implement exception management user interfaces as User agents are free to implement exception management user interfaces as
they see fit. Some agents might provide a notification to the user at the they see fit. Some agents might provide a notification to the user at the
time of the request, or even not complete the storing of the exception time of the request, or even not complete the storing of the exception
until the user approves. Some agents might provide a user-interface to see until the user approves. Some agents might provide a user-interface to see
and edit the database of recorded exception grants. The API parameters and edit the database of recorded exception grants. The API parameters
siteName, explanationString, and detailURI are provided so that the user siteName, explanationString, and detailURI are provided so that the user
agent may use them in their user interface. agent may use them in their user interface. If user-agents present this to
the user, it should be clear that they are claims by the site, and might
be written to mislead.
A user agent that chooses to highlight when tracking exceptions have been A user agent that chooses to highlight when tracking exceptions have been
stored might provide an interface like the following. stored might provide an interface like the following.
* an icon in the status bar indicating that an exception has been * an icon in the status bar indicating that an exception has been
stored, which, when clicked on, gives the user more information about stored, which, when clicked on, gives the user more information about
the exception and an option to revoke such an exception. the exception and an option to revoke such an exception.
* an infobar stating "Example News (news.example.com) has indicated to * an infobar stating "Example News (news.example.com) has indicated to
Browser that you have consented to granting it exceptions to your Browser that you have consented to granting it exceptions to your
general Do Not Track preference. If you believe this is incorrect, general Do Not Track preference. If you believe this is incorrect,
skipping to change at line 1723 skipping to change at line 1777
Sites might wish to request exceptions even when a user arrives without a Sites might wish to request exceptions even when a user arrives without a
DNT header. Users might wish to grant affirmative permission to tracking DNT header. Users might wish to grant affirmative permission to tracking
on or by certain sites even without expressing general tracking on or by certain sites even without expressing general tracking
preferences. preferences.
User agents MAY instantiate navigator.storeSiteSpecificTrackingException User agents MAY instantiate navigator.storeSiteSpecificTrackingException
even when window.doNotTrack is null. Scripts SHOULD test for the existence even when window.doNotTrack is null. Scripts SHOULD test for the existence
of storeSiteSpecificTrackingException before calling the method. If an of storeSiteSpecificTrackingException before calling the method. If an
exception is granted and the user agent stores that preference, a user exception is granted and the user agent stores that preference, a user
agent may send a DNT:0 header field even if a tracking preference isn't agent may send the DNT:0 tracking preference even if it has not enabled
expressed for other requests. Persisted preferences MAY also affect which preferences to be sent for other requests. Persisted preferences MAY
header is transmitted if a user later chooses to express a tracking affect which preference is transmitted if a user later chooses to express
preference. a tracking preference.
Note Note
Users might not configure their agents to have simple values for DNT, but Users might not configure their agents to have simple values for DNT, but
use different browsing modes or other contextual information to decide on use different browsing modes or other contextual information to decide on
a DNT value. What algorithm a user agent employs to determine DNT values a DNT value. What algorithm a user agent employs to determine DNT values
(or the lack thereof) is out of the scope of this specification. (or the lack thereof) is out of the scope of this specification.
7.10 Exception use by sites 7.10 Exception use by sites
skipping to change at line 1753 skipping to change at line 1807
The 'Store' calls do not have a return value, and return immediately. If The 'Store' calls do not have a return value, and return immediately. If
there is a problem with the calling parameters, then a Javascript there is a problem with the calling parameters, then a Javascript
exception will be raised. In addition, it may be that the user agent does exception will be raised. In addition, it may be that the user agent does
not immediately store the exception, possibly because it is allowing the not immediately store the exception, possibly because it is allowing the
user to confirm. Even though the site has acquired the user's informed user to confirm. Even though the site has acquired the user's informed
consent before calling the 'Store' API, it is possible that the user will consent before calling the 'Store' API, it is possible that the user will
change their mind, and allow the store to proceed but then later ask it be change their mind, and allow the store to proceed but then later ask it be
removed, or even by denying the storage in the first place. removed, or even by denying the storage in the first place.
Sites can call the 'Confirm' APIs to enquire whether a specific exception Nonetheless, at the time of the call the site has acquired the user's
has been granted and stands in the user agent. This is the call to make to consent, and can proceed on that basis, whether or not the user-agent has
determine whether the exception exists, and hence to control access to the stored the exception immediately. It is not necessary to call the confirm
function or operation; if it fails (the exception has been deleted, or not API at the time of consent.
yet granted), then the user is ideally again offered the information
needed to give their informed consent, and again offered the opportunity On other visits, sites can call the 'Confirm' APIs to enquire whether a
to indicate that they grant it. As stated in the normative text, the site specific exception has been granted and stands in the user agent. This is
needs to explain and acquire consent immediately prior to calling the the call to make to determine whether the exception exists, and hence to
Store API, and not remember some past consent; this allows the user to control access to the function or operation; if it fails (the exception
change their mind. has been deleted, or not yet granted), then the user is ideally again
offered the information needed to give their informed consent, and again
offered the opportunity to indicate that they grant it. As stated in the
normative text, the site needs to explain and acquire consent immediately
prior to calling the Store API, and not remember some past consent; this
allows the user to change their mind.
If they do grant it (using some positive interaction such as a button), If they do grant it (using some positive interaction such as a button),
the site can return to checking the 'Confirm' API. the site can return to checking the 'Confirm' API.
In this way the site: In this way the site:
* does not assume that the storage is instantaneous, and mistakenly * does not assume that the storage is instantaneous, and mistakenly
grant access when the exception does not (yet) stand; grant access when the exception does not (yet) stand;
* does not call the Confirm API repeatedly without a user-interaction * does not call the Confirm API repeatedly without a user-interaction
between each call, in a loop; between each call, in a loop;
skipping to change at line 1861 skipping to change at line 1920
Restrictions on usage: Restrictions on usage:
N/A N/A
Author(s): Author(s):
Roy T. Fielding and David Singer Roy T. Fielding and David Singer
Change controller: Change controller:
W3C W3C
ReSpec
Save SnapshotAbout ReSpecSearch Specref DB
C. References C. References
C.1 Normative references C.1 Normative references
[ABNF] [HTML5]
D. Crocker; P. Overell. Augmented BNF for Syntax Specifications: Ian Hickson; Robin Berjon; Steve Faulkner; Travis Leithead; Erika
ABNF. January 2008. STD. URL: http://www.ietf.org/rfc/rfc5234.txt Doyle Navara; Edward O'Connor; Silvia Pfeiffer. HTML5. 28 October
2014. W3C Recommendation. URL: http://www.w3.org/TR/html5/
[COOKIES]
A. Barth. HTTP State Management Mechanism. April 2011. RFC. URL:
http://www.ietf.org/rfc/rfc6265.txt
[HTTP] [RFC2119]
Roy T. Fielding; Julian Reschke. Hypertext Transfer Protocol S. Bradner. Key words for use in RFCs to Indicate Requirement
(HTTP/1.1): Message Syntax and Routing. 6 February 2014. Levels. March 1997. Best Current Practice. URL:
Internet-Draft. URL: https://tools.ietf.org/html/rfc2119
http://datatracker.ietf.org/doc/draft-ietf-httpbis-p1-messaging/
[HTTP-cache] [RFC3986]
Roy T. Fielding; Mark Nottingham; Julian Reschke. Hypertext T. Berners-Lee; R. Fielding; L. Masinter. Uniform Resource
Transfer Protocol (HTTP/1.1): Caching. 6 February 2014. Identifier (URI): Generic Syntax. January 2005. Internet Standard.
Internet-Draft. URL: URL: https://tools.ietf.org/html/rfc3986
http://datatracker.ietf.org/doc/draft-ietf-httpbis-p6-cache/
[HTTP-semantics] [RFC5234]
Roy T. Fielding; Julian Reschke. Hypertext Transfer Protocol D. Crocker, Ed.; P. Overell. Augmented BNF for Syntax
(HTTP/1.1): Semantics and Content. 6 February 2014. Specifications: ABNF. January 2008. Internet Standard. URL:
Internet-Draft. URL: https://tools.ietf.org/html/rfc5234
http://datatracker.ietf.org/doc/draft-ietf-httpbis-p2-semantics/
[RFC2119] [RFC6265]
S. Bradner. Key words for use in RFCs to Indicate Requirement A. Barth. HTTP State Management Mechanism. April 2011. Proposed
Levels. March 1997. Internet RFC 2119. URL: Standard. URL: https://tools.ietf.org/html/rfc6265
http://www.ietf.org/rfc/rfc2119.txt
[RFC7159] [RFC7159]
Tim Bray, Ed.. The JavaScript Object Notation (JSON) Data T. Bray, Ed.. The JavaScript Object Notation (JSON) Data
Interchange Format. March 2014. Internet RFC 7159. URL: Interchange Format. March 2014. Proposed Standard. URL:
http://www.rfc-editor.org/rfc/rfc7159.txt https://tools.ietf.org/html/rfc7159
[RFC7230]
R. Fielding, Ed.; J. Reschke, Ed.. Hypertext Transfer Protocol
(HTTP/1.1): Message Syntax and Routing. June 2014. Proposed
Standard. URL: https://tools.ietf.org/html/rfc7230
[RFC7231]
R. Fielding, Ed.; J. Reschke, Ed.. Hypertext Transfer Protocol
(HTTP/1.1): Semantics and Content. June 2014. Proposed Standard.
URL: https://tools.ietf.org/html/rfc7231
[RFC7234]
R. Fielding, Ed.; M. Nottingham, Ed.; J. Reschke, Ed.. Hypertext
Transfer Protocol (HTTP/1.1): Caching. June 2014. Proposed
Standard. URL: https://tools.ietf.org/html/rfc7234
[WEBIDL] [WEBIDL]
Cameron McCormack. Web IDL. 19 April 2012. W3C Candidate Cameron McCormack. Web IDL. 19 April 2012. W3C Candidate
Recommendation. URL: http://www.w3.org/TR/WebIDL/ Recommendation. URL: http://www.w3.org/TR/WebIDL/
C.2 Informative references C.2 Informative references
[KnowPrivacy] [KnowPrivacy]
Joshua Gomez; Travis Pinnick; Ashkan Soltani. KnowPrivacy. 1 June Joshua Gomez; Travis Pinnick; Ashkan Soltani. KnowPrivacy. 1 June
2009. URL: 2009. URL:
http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf
[RFC5785] [RFC5785]
Mark Nottingham; Eran Hammer-Lahav. Defining Well-Known Uniform M. Nottingham; E. Hammer-Lahav. Defining Well-Known Uniform
Resource Identifiers (URIs) (RFC 5785). April 2010. RFC. URL: Resource Identifiers (URIs). April 2010. Proposed Standard. URL:
http://www.rfc-editor.org/rfc/rfc5785.txt https://tools.ietf.org/html/rfc5785
[RFC6570]
J. Gregorio; R. Fielding; M. Hadley; M. Nottingham; D. Orchard.
URI Template. March 2012. Proposed Standard. URL:
https://tools.ietf.org/html/rfc6570
[TCS] [TCS]
Heather West; Justin Brookman; Sean Harvey; Erica Newland. Heather West; Justin Brookman; Sean Harvey; Erica Newland.
Tracking Compliance and Scope. 08 April 2014. W3C Editor's Draft. Tracking Compliance and Scope. 08 May 2014. W3C Editor's Draft.
URL: URL:
http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance .html http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance .html
[URI-TEMPLATE]
Joe Gregorio; Roy T. Fielding; Marc Hadley; Mark Nottingham; David
Orchard. URI Template. March 2012. RFC 6570. URL:
http://www.rfc-editor.org/rfc/rfc6570.txt
 End of changes. 62 change blocks. 
183 lines changed or deleted 258 lines changed or added

This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/