- From: David Singer <singer@mac.com>
- Date: Wed, 31 Aug 2016 09:14:25 -0700
- To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
- Cc: Alexandra Lacourba <alex@w3.org>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>, Jeff Jaffe <jeff@w3.org>
Minor edits suggested: > On Aug 30, 2016, at 23:43 , Matthias Schunter (Intel Corporation) <mts-std@schunter.org> wrote: > > Hi Alexandra, > > enclosed is the email that I would like to distribute to the EU > membership. Drop me a line if I need to send it myself to some > distribution address. > > Regards, > matthias > > > ------------------------------- > > Subject: TPAC Session: Privacy compliance in the EU using W3C Tracking > Protection (TPAC early registration ends Sept 02) > > > > Dear W3C Members in Europe, > > > we believe that the emerging EU privacy regulations will impact cookie > handling and web tracking. I would prefer not to judge that they ‘will’, can we say ‘may’? We believe that emerging EU privacy regulations may relate to our specifications, notably in cookie handling and web tracking. > The W3C Tracking Protection Working group (TPWG > https://www.w3.org/2011/tracking-protection/) has > completed two W3C > Candidate Recommendations: > 1. "Tracking Preference Expression (TPE)" allows users to express > preferences whether to constrain or allow web-tracking and defines > how web-sites should respond (https://www.w3.org/TR/tracking-dnt/) > 2. "Tracking Compliance and Scope (TCS)" provides guidance > for web-sites on how to respect these preferences > (https://www.w3.org/TR/tracking-compliance/). > We believe that these W3C recommendations can simplify compliance in the EU. > > > We invite you to join our breakout session at TPAC on Wednesday on > September 21 in Lisbon! Please register at > https://www.w3.org/2016/09/TPAC/ > (early registration ends September 02!). > > > The benefits we offer to W3C members in this session are: > 1. Learn how to implement the Tracking Protection recommendations. > 2. Share implementation experiences and ask questions > 3. Learn about and discuss (emerging) EU privacy regulations > 2. Provide feedback on the draft recommendations > 4. Discuss with us the future of the working group > > > Planned Agenda Items: > - Tutorial on EU Privacy Regulations (by Rob van Eijk; Technologist > at the Dutch Privacy Authority) > - Tutorial: On Implementing TPWG (by Mike O'Neil, Baycloud Systems) > - Discussion: Implementers Forum > - Discussion: Feedback and Way Forward for TPWG > > If you need any additional information, want to provide feedback, you > can email me at mts-std@schunter.org > > > > Regards, > Matthias Schunter, Intel Corp. (TPWG co-chair) > on behalf of the W3C Tracking Protection Working Group > > > > --- FYI Appendix: Background on EU Regulations by Rob van Eijk --- > > (1) The European Data Protection Supervisor reviewing the ePrivacy > Directive specifically refers (p. 16) to Do Not Track, and says > "Adherence to accepted technical and policy compliance standards by all > parties concerned, including the operators of the website, should become > obligatory" > > https://secure.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2016/16-07-22_Opinion_ePrivacy_EN.pdf > > (2) The Article 29 Working Party issues its opinion with regards to the > ePrivacy review as well [1]. > > On DNT is says (p.17): > http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2016/wp240_en.pdf > > "The Working Party calls on the EC to pay special attention to the > position of news media, since they seem to be the heaviest users of > tracking cookies and cookie walls 18 . There is a clear democratic need > to ensure the economic survival of news media. However the EC should not > accept that news media impose invasive tracking of users. When consent > is the applicable legal basis, users must be provided with truly easy > (user friendly) means to provide and revoke consent. The Working Party > recommends rephrasing the requirements in the current Recital 66 of > Directive 2009/136/EC. Instead of relying on website operators to obtain > consent on behalf of third parties (such as advertising and social > networks), manufacturers of browsers and other software or operating > systems should be encouraged to develop, implement and ensure effective > user empowerment, by offering control tools within the browser (or other > software or operating system) such as Do Not Track (DNT), or other > technical means that allow users to easily express and withdraw their > specific consent, in accordance with Article 7 of the GDPR. Such tools > can be offered to the user at the initial set-up with privacy-friendly > default settings. Adherence to accepted technical and policy compliance > standards must become a common practice. In addition, website operators > should respect and adhere to browser control tools or other user > preference settings." > > (3) The GDPR Regulation (EU) 2016/679 is here: > http://eur-lex.europa.eu/legal-content/NL/TXT/?uri=CELEX%3A32016R0679 > > Article 21, Right to object, 21(5). "In the context of the use of > information society services, and notwithstanding Directive 2002/58/EC, > the data subject may exercise his or her right to object by automated > means using technical specifications." > > (4) The e-Privacy Directive is currently under review. The European > Commission's website about the consultation contains a background > Section that may read as a primer on this topic. > https://ec.europa.eu/digital-single-market/en/news/eprivacy-directive-commission-launches-public-consultation-kick-start-review. > > Dave Singer singer@mac.com
Received on Wednesday, 31 August 2016 16:14:56 UTC