- From: Rigo Wenning <rigo@w3.org>
- Date: Fri, 04 May 2012 17:53:56 +0200
- To: public-tracking@w3.org, rob@blaeu.com
Rob,
On Friday 04 May 2012 00:05:38 Rob van Eijk wrote:
> Explicit/explicit gives Controllers the opportunity to signal which 3rd
> parties are processors. Because the controller determines the purpose and
> means, controller is responsible for valid consent in the EU.
I think that explicit/explicit allows to determine the number of
controllers.
For processors You would use
"same-party": [
"example.com",
"example_vids.net",
"example_stats.com"
]
to indicate them. Because from a DNT point of view, a controller and her
processors are one bucket-entity. Here DNT may serve as a consent mechanism
also for the first party. (An optional beneficial use, an enabler in EU, not
DNT for first parties in the US)
[...]
>
> Use case [B]: a DNT:0 signal to service providers, not being processors,
> but as a result controllers themselves or in some cases joint controller.
This is the case I have in mind. To monetize the content, the site has P 1-4
but at least wants to have P1 and P2 to receive DNT;0
> It could be useful, but I haven't given it a lot of thought.
The question for me is:
1/ Self determination means I can send DNT;0 to P1-3 and DNT;1 to P4. The
normal shortcut would be "*" meaning P1-4
2/ "*" alone is not a list of controllers. The consent would be for an
undefined object that changes dynamically over time. Is that missing
determination of controllers at communication time a problem for the
consent?
> My
> assumption for DNT:0 to be useful in this scenario is that the browser
> reflects user consent. This implies that the user has made an informed
> choice, preferably in the install/update flow of the browser to use DNT
> technology as a granular consent expression mechanism.
This is the goal if we want to make DNT in any way useful for the EU market.
Rigo
Received on Friday, 4 May 2012 15:54:21 UTC