W3C home > Mailing lists > Public > public-tracking@w3.org > October 2012

Re: Proposed Text for Local Law and Public Purpose

From: Walter van Holst <walter.van.holst@xs4all.nl>
Date: Wed, 24 Oct 2012 12:27:12 +0200
Message-ID: <5087C280.6040509@xs4all.nl>
To: public-tracking@w3.org
On 10/24/12 4:13 AM, David Wainberg wrote:
> 
> On 10/23/12 8:34 PM, Dan Auerbach wrote:
>> the onus is on me to explain privacy risks through examples
> 
> Please do. There continues to be reluctance to specify the exact risks
> we're trying to address with this standard. It would be extremely useful
> for us to finally enumerate the problems we're trying to solve so that
> we can zero in on the appropriate solutions. Thanks!

I am sorry David, but we're dealing here with fundamental human rights.
To take a horrible historical analogy: there was much resistance against
abolition of slavery in the Southern US states for economic reasons. The
mere fact that a billion dollar industry has sprung up around what is
essentially stalking internet usage to the point that Orwell comes
across as an optimist does not put a burden of proof on the side of
those who advocate for privacy and freedom of expression to provide
exact numbers. Dan was talking about giving examples, not about 'exact
risks'.

Do not forget that a lack of privacy also erodes freedom of expression
by putting barriers to access information.

To give an example of a risk we're talking about is the prevalence of
'like' buttons on pages, including those of newssites. That allows
Facebook to compile a list of all news articles a Facebook user reads. I
think a society in which entities not only know which newspapers you
read, but also which articles and are even capable of measuring how much
time you've spent on each of them, is post-Orwellian.

This also brings me back why I don't think an exception for third-party
trackers that also happen to be first-party trackers is in place.

It should be mentioned there is a business interest in behavioural
advertising. And that interest is even perfectly legitimate under sound
consent conditions. I think this discussion is essential fruitless
because it is based on a fundamental wrong assumption: that there is a
legitimate business interest in processing data for which users have
given an express opt-out signal. At the core we all (at least I hope)
want a nimble standard to provides a mechanism for expressing consent or
lack thereof.

Regards,

 Walter
Received on Wednesday, 24 October 2012 10:27:42 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:36 UTC