This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
As discussed in http://lists.w3.org/Archives/Public/www-tag/2014Oct/0106.html, some DRM implementations---for Silverlight, at least---bring along semi-permanent client IDs. We should consider requiring or strongly recommending that user agents prompt or inform the user if an EME implementation brings along identifiers that cannot be cleared along with regular cookies and site data (similar to Mark’s “more privacy sensitive than regular cookies” bar). I will file a separate bug exploring whether we can require that such identifiers be clearable, but we can use this bug to discuss mitigation strategies if they must be unclearable for robustness reasons.
Implemented in https://github.com/w3c/encrypted-media/commit/3ead3c182ac6cd75a0ab77e2bcb957c09cdea006 Note: The separate bug referenced in comment #0 is bug 27166.