- From: jdelhommeau via GitHub <sysbot+gh@w3.org>
- Date: Thu, 10 Feb 2022 15:54:34 +0000
- To: public-patcg@w3.org
I am not sure if some of your notes above are addressed to my previous comment @alextcone, but wanted to clarify my position so it is not mis-interpreted. I am not saying that status quo is good. I believe that there can definitely be an improvement for user's privacy over the web using some of the enhanced privacy technics that have been discussed during the call yesterday. However, my only points is that we shouldn't assume that those new techniques will allow us to bypass the existing laws. So we need to make sure that whatever we come up with can work with the current framework of the law. While I wouldn't risk myself into making broad assumption about GDPR / ePrivacy interpretation, I believe it is fine to assume that device access requires consent under ePrivacy and personal data processing requires a legal base (likely consent or legitimate interest in our position). So unless we have reason to believe 100% that none of the solution we will come up with will require device access, or that legitimate interest will perfectly satisfy any PD processing, starting with the assumption that we can have an opt-in by default with possibility to opt-out likely means those solutions will not be available for EMEA market. At least in the current state of the law. -- GitHub Notification of comment by jdelhommeau Please view or discuss this issue at https://github.com/patcg/proposals/issues/5#issuecomment-1035086341 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 10 February 2022 15:54:37 UTC