Re: Sitecom adds Do Not Track to its routers

Okay, thanks.  So, if I have this right, you have proposed text (at http://lists.w3.org/Archives/Public/public-tracking/2012Oct/0507.html), which is currently pending review,
that would define the Sitecom routers as noncompliant.

I ask because these routers appear to be devices that when used as designed and documented, result in the sending of a DNT header that accurately reflects an informed explicit user preference.  So there is a choice here for the group: should these and similar devices be part of the DNT ecosystem, and if so, how?  The consideration of that question ought to drive the consideration of the proposed text, not the other way around.

James

--------------------------------------------------
James Grimmelmann              Professor of Law
New York Law School                 (212) 431-2864
185 West Broadway       james.grimmelmann@nyls.edu<mailto:james.grimmelmann@nyls.edu>
New York, NY 10013    http://james.grimmelmann.net


On 2012-12-01, at 10:32 PM, Ian Fette (イアンフェッティ) <ifette@google.com<mailto:ifette@google.com>> wrote:


See my text on action-284

On Dec 1, 2012 6:02 PM, "Grimmelmann, James" <James.Grimmelmann@nyls.edu<mailto:James.Grimmelmann@nyls.edu>> wrote:
Ian, what language in the draft would the router be noncompliant with?  For example, the requirement that there be a doNotTrack DOM attribute is expressed as a MUST only for user agents.  Am I missing something else that would impose a requirement on the router?

Thanks,
James

--------------------------------------------------
James Grimmelmann              Professor of Law
New York Law School                 (212) 431-2864<tel:%28212%29%20431-2864>
185 West Broadway       james.grimmelmann@nyls.edu<mailto:james.grimmelmann@nyls.edu><mailto:james.grimmelmann@nyls.edu<mailto:james.grimmelmann@nyls.edu>>
New York, NY 10013    http://james.grimmelmann.net<http://james.grimmelmann.net/>

On 2012-12-01, at 8:43 PM, Ian Fette (イアンフェッティ)
 <ifette@google.com<mailto:ifette@google.com><mailto:ifette@google.com<mailto:ifette@google.com>>>
 wrote:


David, when you say compliant I assume you mean with respect to the overall setting being representative of an explicit user choice? I'm not sure how something with no provisions for exceptions, or consistency between header and DOM values could be considered compliant...

On Dec 1, 2012 3:43 PM, "David Singer" <singer@apple.com<mailto:singer@apple.com><mailto:singer@apple.com<mailto:singer@apple.com>>> wrote:

On Nov 30, 2012, at 14:56 , Craig Spiezle <craigs@otalliance.org<mailto:craigs@otalliance.org><mailto:craigs@otalliance.org<mailto:craigs@otalliance.org>>> wrote:

As JC and i also confirmed this is an opt in device are you suggesting it would be non-compliant?

My read of their product literature is that the device is intended for individual sale, so in that case, it's probably compliant.  It is someone being enabled to have single central control of DNT for all their devices on their own network.

My read may be wrong, of course.


As more sw and hw solutions come to market specially designed to block ads, enhance privacy or third party calls I believe the intent of the user will be met through the user's purchase. That said I would hope there is a user string detectable so the site can detect such usage and determine what content / services are made available


Sent from my phone

On Nov 30, 2012, at 5:13 PM, Brendan Riordan-Butterworth <Brendan@iab.net<mailto:Brendan@iab.net><mailto:Brendan@iab.net<mailto:Brendan@iab.net>>> wrote:

http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#dnt-header-field


“An HTTP intermediary must not add, delete, or modify the DNT header field in requests forwarded through that intermediary unless that intermediary has been specifically installed or configured to do so by the user making the requests. For example, an Internet Service Provider must not inject DNT: 1 on behalf of all of their users who have not expressed a preference.”

If the router has a single point to configure the DNT header field for all outbound traffic, and the LAN it is in front of has more than one user making HTTP requests, then the Sitecom functionality is not compliant with the requirements on intermediaries as defined in section 4.2 of the TPE document.

/brendan.

From: JC Cannon [mailto:jccannon@microsoft.com<mailto:jccannon@microsoft.com>]
Sent: Thursday, November 29, 2012 1:14 PM
To: W3C DNT Working Group Mailing List
Subject: Sitecom adds Do Not Track to its routers

“The Do Not Track functionality is disabled by default, and requires the user to visit the router's configuration page to enable it. Sitecom has confirmed that, in addition to launching the software on third-generation X-Series routers, it will bring the Do Not Track option to existing devices with Sitecom Cloud Security through a free firmware update.”

http://www.bit-tech.net/news/hardware/2012/11/29/sitecom-do-not-track/1


JC

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Sunday, 2 December 2012 04:22:23 UTC