- From: Heather West via cvs-syncmail <cvsmail@w3.org>
- Date: Tue, 30 Oct 2012 23:39:26 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory hutz:/tmp/cvs-serv27775
Modified Files:
tracking-compliance.html
Log Message:
Resolved outstanding actions to add text.
Index: tracking-compliance.html
===================================================================
RCS file: /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -d -r1.85 -r1.86
--- tracking-compliance.html 5 Oct 2012 09:42:18 -0000 1.85
+++ tracking-compliance.html 30 Oct 2012 23:39:24 -0000 1.86
@@ -677,7 +677,7 @@
<h3>Contract</h3>
<p>
- A <a>first party</a> MUST enter into a contract with an
+ A <a>First party</a> or <a>Third party</a> MUST enter into a contract with an
outsourced party that requires that outsourced party to comply
with these requirements.
</p>
@@ -691,7 +691,7 @@
<p>
Outsourced service providers are considered to be the same party as
their clients if the outsourced service providers only act as data
- processors on behalf of that party, silo the data so that it cannot
+ processors on behalf of that party in relation to that party, silo the data so that it cannot
be accessed by other parties, and have no control over the use or
sharing of that data except as directed by that party.
</p>
@@ -699,12 +699,11 @@
<section class="option" id="def-service-providers-opt-3">
<h4>Option 3: Service Provider/Outsourcer Definition</h4>
-
<p>
- Service Providers acting on the behalf of a First Party and with no
- independent rights to use the First Party’s data outside of the
- context of that First Party and Permitted Uses are also considered
- to be acting as the First Party.
+ Service Providers acting on the behalf of a <a>First party</a> or <a>Third party</a>, and with no
+ independent rights to use that party’s data outside of the
+ context of that party and Permitted Uses, are also considered
+ to be acting as that party.
</p>
</section>
</section>
@@ -1902,10 +1901,8 @@
<section id="user-granted-exceptions">
<h2>User-Granted Exceptions</h2>
-
- <p class="note">
- Figure out which parts of UGE belong in which document.
- </p>
+<p class="note">First and third paragraphs added per ACTION-251. Needs edits for fluency.</p>
+ <p>When a user sends the DNT:0 signal, they are expressing a preference for a personalized experience. This signal indicates explicit consent for data collection, retention, processing, disclosure, and use by the recipient of this signal to provide a personalized experience for the user. This recommendation places no restrictions on data collected from requests received with DNT:0.</p>
<p>
The operator of a website may engage in practices otherwise described
by this standard if the user has given explicit and informed consent.
@@ -1917,7 +1914,11 @@
operator must indicate this consent to the user agent as described in
the companion [[!TRACKING-DNT]] document.
</p>
-<!--
+ <p class="informative">This protocol does not define what constitutes explicit consent in any jurisdiction; check with your lawyer.</p>
+ <p class="note">
+ Figure out which parts of UGE belong in which document.
+ </p>
+ <!--
<p class="issue" data-number="83" title="How do you opt out if already opted in? - pretty sure this belongs in the technical spec"></p>
<p class="issue" data-number="67" title="Should opt-back-in be stored on the client side? - pretty sure this belongs in the technical spec"></p>
-->
Received on Tuesday, 30 October 2012 23:39:27 UTC