Re: ACTION-260: Update debugging text (add normative 'short term', 'diagnostic', expand on or replace "graduated response")

Comments and an alternate proposal included below:

On 10/17/12 3:35 AM, Nicholas Doty wrote:
>  From discussing the debugging permitted use on a September call, there were several suggestions for updated text. An updated proposal is below:
>
>> Operators MAY retain data related to a communication in a third-party context to use for identifying and repairing bugs in functionality. As described in the general requirements [reference to Minimization section], for this permitted use services MAY collect  and retain data from DNT:1 users ONLY when reasonably necessary to identify and repair errors in functionality; in some cases, graduated responses (for example, collecting more data after report of a bug) may be feasible. This permitted use is intended for short-term diagnosis and repair of third-party Web functionality, not to cover broad quality assurance measurements.

Why does this specify third-party context? Isn't that implicit in that 
it's an exception to DNT, which is targeted at data collected in a 
third-party context? If it's already described in the general 
requirements, why reference minimization here? To me, all of the text 
after the first sentence, if included at all, is more appropriate for 
non-normative text. Normative text should state a requirement simply and 
clearly.

I would propose alternate language consistent with my proposal regarding 
security:

/Parties may collect and use data in any way to the extent reasonably 
necessary for //the detection and mitigation of system bugs./ Nick
-David

Received on Wednesday, 24 October 2012 13:59:40 UTC