- From: CVS User npdoty <cvsmail@w3.org>
- Date: Mon, 27 Apr 2015 23:08:09 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/var/tmp/cvs-serv50059
Modified Files:
tracking-compliance.html
Log Message:
remove tracking data and update compliance requirements per: https://lists.w3.org/Archives/Public/public-tracking/2015Apr/0002.html https://lists.w3.org/Archives/Public/public-tracking/2015Apr/0010.html
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2015/04/08 16:44:22 1.145
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2015/04/27 23:08:09 1.146
@@ -281,18 +281,14 @@
<ul>
<li>technical safeguards that prohibit re-identification of
- de-identified data and/or merging of the original tracking data and
de-identified data;</li>
<li>business processes that specifically prohibit re-identification of
- de-identified data and/or merging of the original tracking data and
de-identified data;</li>
- <li>business processes that prevent inadvertent release of either the
- original tracking data or de-identified data;</li>
+ <li>business processes that prevent inadvertent release of de-identified data;</li>
- <li>administrative controls that limit access to both the original
- tracking data and de-identified data.</li>
+ <li>administrative controls that limit access to de-identified data.</li>
</ul>
<p>Geolocation data (of a certain precision or over a period of time)
@@ -309,9 +305,6 @@
which it occurred. A <dfn>context</dfn> is a set of resources that are
controlled by the same party or jointly controlled by a set of
parties.</p>
-
- <p><dfn>Tracking data</dfn> is any data that could be combined with other
- data to engage in tracking a user across different contexts.</p>
</section>
<section id="collection">
@@ -459,16 +452,16 @@
<p>Other than under those enumerated conditions, that party:</p>
<ol start="1">
- <li>MUST NOT collect, share, or use <a>tracking data</a>
- related to that interaction;
- </li>
-
- <li>MUST NOT use data about network interactions with that
+ <li>MUST NOT collect data from this network interaction that would
+ result in data regarding this particular user being associated across
+ multiple contexts;</li>
+ <li>MUST NOT retain, use, or share data from this particular user's
+ activity outside the context in which that activity occurred; and</li>
+ <li>MUST NOT use data from network interactions with this particular
user in a different <a>context</a>.
</li>
</ol>
-
<aside class="example">
<p>An embedded widget provider (a third party to users' interactions
with various sites) counts visitors' country of origin and device type
@@ -541,8 +534,7 @@
<h5>No Personalization</h5>
<p>A party that collects data for a permitted use MUST NOT use that
- data to alter a specific user's online experience based on tracking
- data, except as specifically permitted below.</p>
+ data to alter a specific user's online experience, except as specifically permitted below.</p>
</section>
<section id="reasonable-security">
@@ -695,7 +687,7 @@
<aside class="example">
<p>A site that tracks user activity across several unrelated sites
(through a tracking pixel or embedded script, for example) but
- collects and uses tracking data only as necessary for security and
+ collects and uses data about that activity only as necessary for security and
debugging purposes might create a tracking status resource with a
tracking status value of <code>T</code> (to indicate tracking) and a
qualifiers value of <code>sd</code> (to indicate the particular
Received on Monday, 27 April 2015 23:08:10 UTC