You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With no standard compliance spec to set a minimum bar, a very common use case for all UIs will be to find a way to present text to users what they consent to when users agree to tracking. A standard hook to do this is both useful and necessary to ensure usability in practice, and address the gaping hole left by shooting the compliance spec. Of course, this also supports US law (AB 370) as well as likely EU law as well.
Specifically, I propose changes to section, 6.5.8 Policy Property, as follows:
Change from MAY to SHOULD provide a policy property.
Either:
a. Specify that while the exact details are out of spec, the Policy Property SHOULD inform users of what changes between DNT:0 and DNT:1, or
b. Extend to have two different policy properties, one for DNT:0 and the other for DNT:1.
(I suspect a is easier for users, and b is easier for implementors. I imagine others will have opinions as to which is better.)
Additionally, add the following text: User agents implementing Do Not Track SHOULD present this information to users when asking them to make decisions about tracking.
Of note: this leaves all text in the hands of the companies of how to describe things. It only requires that they do so (as with AB 370) and that they do so in a way that user agents can hook into to make DNT at all usable in practice. This is a mighty low bar.
The text was updated successfully, but these errors were encountered:
The main problem here is that the policy property is intended to refer to the site's privacy policy, which might be quite a bit larger than what you would want to display. I have added some clarification about describing the difference between DNT:0 and DNT:1 in commit 9cf7034
Aside from the usual spec requirement that examples not reflect real companies, it seems that the examples all presume a policy document that is tailored for user agent display. Since that is not what we defined for policy, I am going to remove the example section for now (at least until we have more time to review and decide what makes sense here). After all, we are supposed to be encouraging people to define and reference compliance regimes, which makes the policy machine-readable.
With no standard compliance spec to set a minimum bar, a very common use case for all UIs will be to find a way to present text to users what they consent to when users agree to tracking. A standard hook to do this is both useful and necessary to ensure usability in practice, and address the gaping hole left by shooting the compliance spec. Of course, this also supports US law (AB 370) as well as likely EU law as well.
Specifically, I propose changes to section, 6.5.8 Policy Property, as follows:
a. Specify that while the exact details are out of spec, the Policy Property SHOULD inform users of what changes between DNT:0 and DNT:1, or
b. Extend to have two different policy properties, one for DNT:0 and the other for DNT:1.
(I suspect a is easier for users, and b is easier for implementors. I imagine others will have opinions as to which is better.)
Of note: this leaves all text in the hands of the companies of how to describe things. It only requires that they do so (as with AB 370) and that they do so in a way that user agents can hook into to make DNT at all usable in practice. This is a mighty low bar.
The text was updated successfully, but these errors were encountered: