- From: Rigo Wenning <rigo@w3.org>
- Date: Sun, 16 Sep 2012 22:46:02 +0200
- To: public-tracking@w3.org
- Cc: David Singer <singer@apple.com>, Ed Felten <ed@felten.com>, David Wainberg <david@networkadvertising.org>
On Thursday 13 September 2012 12:26:15 David Singer wrote: > On Sep 12, 2012, at 6:58 , Ed Felten <ed@felten.com> wrote: > > What I'm trying to get at is what statement the user is thought > > to be making by sending DNT:0 rather than sending nothing. > As I see it, DNT:0 means We say DNT should represent an expression of the user's preference. DNT:1 means "please respect the compliance document and tell me DNT:unset means "I have no clue or I do not care or I'm not configured yet" DNT:0 means "I see you want to track me and that is ok" (within the boundaries of my local law". In the absence of all local data protection/privacy law, unset and DNT:0 are equivalent. But if you hit a sectorial privacy law in the US or if you want to track in the EU (above the Radar), then you need an affirmative user expression that you can record. Whether the TPE or the Compliance Spec will be sufficient for EU law is a thing I had the assumption, we are working on. And as I understood Rob, we may issue a Working Group Note that explains what we believe must be done in addition to DNT implementation to express consent. I think it would be good to have that in a separate document. But on the other hand, if we tear down the foundation of the expression and communication of consent by removing DNT:0 we can just forget about all this and tell the EU folks to move on and forget about DNT. The banners about cookies on UK sites are nice, aren't they? This is what you get if DNT:0 fails. Best, Rigo
Received on Sunday, 16 September 2012 20:46:26 UTC