Re: [TCS] comments on 17 Feb 2015 editors draft

Roy, thanks

two comments, one minor, one less so.

>> 
>> 
>>      3.3.1.1  No Secondary Uses
>> 
>>   A party MUST NOT use data collected for permitted uses for purposes other
>>   than the permitted uses for which each datum was permitted to be
>>   collected.
> 
> Yikes.  How about:
> 
>   A party MUST NOT use data collected for permitted uses for purposes
>   other than those permitted uses.

A party MUST NOT use data that was collected for a permitted use, for any purpose other than the permitted use.

(minor, I think it’s better in the singular.)

 
>> 
>> 7. Legal Compliance
>> 
>>   Notwithstanding anything in this recommendation, a party MAY collect, use,
>>   and share data required to comply with applicable laws, regulations, and
>>   judicial processes.
> 
> I still think this section is silly, but *shrug* ... Normally, I would
> expect such a party to be non-compliant due to powers that be, rather
> than compliant by escape clause.
> 

I totally agree. I think the server should indicate “I cannot comply because of a law, regulation, or judicial process”.  (Now, the legal compulsion may also say that they have to lie to users and claim that they are complying, but I see no reason why we should bless such deception.)

David Singer
Manager, Software Standards, Apple Inc.

Received on Wednesday, 4 March 2015 17:18:26 UTC