RE: Issue 24 - Consensus

Walter,

Thank you for sharing your perspective.  The working group initially agreed to focus our compliance efforts specific to the DNT:1 signal.  I understand the desire to expand the scope even further but I'm hopeful the group will continue to tackle one issue at a time and not attempt to solve all privacy issues within this single forum.

- Shane 

-----Original Message-----
From: Walter van Holst [mailto:walter.van.holst@xs4all.nl] 
Sent: Thursday, October 24, 2013 1:26 PM
To: public-tracking@w3.org
Subject: Re: Issue 24 - Consensus

On 24/10/2013 22:02, Shane M Wiley wrote:
> Walter,
> 
> We're attempting to build a document that says "this is what you do 
> when DNT:1" - not a document on how to manage all privacy issues 
> everywhere.  That perspective continues to slow down the progress of 
> the group.

Shane,

We're trying to build two documents:

- one that specifies how a UA should express a tracking preference and how a HTTP-server may respond to it (AKA the TPE)
- one that specifies how a party that claims to be DNT compliant should behave in order to validly do so (AKA the Compliance Specification)

Nowhere does our charter mention that group should only concern itself with the consequences of a DNT:1 signal.

The groupd may decide that outside a DNT:1 signal there is nothing to comply to, but I don't think we have reached consensus on that since we're not even sure whether we will have a Compliance Spec at all.

My take would be that, if we are going to have a Compliance Spec, that in order to be able to claim DNT-compliance one should restrict data gathering regardless of any DNT signal received, but that those restrictions may vary depending on the type of DNT signal received, if any. I am willing to entertain the notion that these restrictions may vary across a multitude of Compliance Specs as well.

Regards,

 Walter

Received on Thursday, 24 October 2013 20:31:29 UTC