New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When using a different TPS, the URI for the policy document is not mandatory in the response #1
Comments
Can you add more detail? What is a "TPS"? What possible changes are you suggesting? |
Tracking Policy Specification. Basically the compliance specification. |
Currently the spec includes an optional Can you tell us what change you're asking for with this issue? Do you think the |
I am asking for making this property mandatory since leaving it empty will leave the UA with uncertainty regarding the actual policy implications of an affirmative response to DNT:1 |
But that's exactly what an empty compliance property is supposed to mean. Effectively, it means the user will have to read the site's privacy policies because the site does not comply with a named standard. A user agent is free to do with that information as it wishes. Making the compliance property mandatory would mean the communication ends if no standard is met, which would be a hopeless situation given the absence of current compliance standards. |
Hi Roy, I see your point that this will initially create to an unlimited number of links that are neither machine readable nor standardized. However, if useful standards evolve (which I hope) then it gets more likely that the URL point to a well-known URL. In this scenario, say 20% of sites point to the W3C policy, 15% to EFF, another 10% to a new EU policy, and the other 55% are pointers to other standards, policies, URLs that are just recorded or may also just be deemed untrusted. Why would such a scenario not work from your perspective? |
We already have a policy property, which defaults to controller if not present, which in turn defaults to the site's domain if not present. I don't think it is useful to make additional TSR properties required in TPE because they just supply information beyond what is required by the protocol itself. If the site wants to provide that information, it will supply the appropriate property. |
policy is now mandatory in some cases |
This is an inconsistency in the TPE.
The text was updated successfully, but these errors were encountered: