diff --git a/index.src.html b/index.src.html
index f0fc84b..9f6be17 100644
--- a/index.src.html
+++ b/index.src.html
@@ -289,6 +289,17 @@ Reports
counter, which is a non-negative integer representing the number of times the
user agent attempted to deliver the report.
+ User configuration
+
+ Reporting may be disabled for particular [=report
+ types=], potentially on particular [=origins=]. The specification does not
+ define how [=/user agents=] determine whether their users prefer to disable
+ reporting.
+
+ Changing the default for a [=report type=] across all
+ origins is a [=tracking vector=] because a site can detect that an expected
+ report isn't sent.
+
The media type used when POSTing reports to a specified endpoint is
@@ -493,6 +504,9 @@ Generate report of |type| with
1. Let |settings| be |context|'s [=relevant settings object=].
+ 1. If reporting is [=reporting/disabled=] for |type| and |settings|'
+ [=environment settings object/origin=], return.
+
2. Let |report| be the result of running [=generate a report=] with |data|,
|type|, |destination| and |settings|.
@@ -1086,9 +1100,14 @@ Disabling Reporting
Sending reports costs bandwidth, and potentially could reveal some small
amount of additional information above and beyond what a website can obtain
in-band ([[NETWORK-ERROR-LOGGING]], for instance). User agents MUST allow
- users to disable reporting with some reasonable amount of granularity in order
- to maintain the priority of constituencies espoused in
+ users to [=reporting/disabled|disable reporting=] with some reasonable amount
+ of granularity in order to maintain the priority of constituencies espoused in
[[HTML-DESIGN-PRINCIPLES]].
+
+ To reduce the amount that this configuration is a [=tracking vector=], the
+ user agent would need to make it difficult to detect whether it sends an
+ expected report, perhaps by spreading out reports over a wider time or by
+ omitting some reports even if that type of reporting is enabled.