Re: ACTION-265

Hi Lauren,

On 10/17/12 4:50 PM, Lauren Gelman wrote:
>
> I have to say I think this is an extraneous provision.  It does 
> nothing to affect liability imposed for promises that were made while 
> the company was out of compliance that were not adhered to.  Saying 
> that a company who has promised DNT and breached that promise can 
> continue to to claim to be in compliance with it for an arbitrary 
> period of additional time is bizarre.  It is self-evident that to cap 
> liability for the breach of promise you need to either stop promising 
> or must bring your practices into compliance with the standard.
I disagree. This gives companies who unintentionally violate the 
standard an explicit exception from liability as long as they fix the 
problem within a reasonable time after discovery. Why is that concept 
extraneous or bizarre?

>
> It could be useful for the group to require that a company that finds 
> itself out of compliance (a) notify its users or (b) require that it 
> delete any data collected while the company was not accurately tagging 
> the data's DNT signal.
>
Isn't option b what this does? Bring the data that was collected out of 
compliance into compliance within a reasonable time.

Regards,

David

> On Oct 16, 2012, at 9:58 PM, Shane Wiley wrote:
>
>> Updated text per our discussions in Amsterdam.
>> Tracking Compliance and Scope
>> Section 3.8.1
>> /It may happen that a party claiming compliance with this standard 
>> will retain or use data without awareness that it is doing so 
>> contrary to its intended party position with respect to the standard. 
>> In such a case, the party must bring its practices and prior 
>> collected data into compliance with the standard within a 
>> commercially reasonable time after it learns of such non-compliant 
>> activity./
>