- From: Chappelle, Kasey, VF-Group <Kasey.Chappelle@vodafone.com>
- Date: Wed, 20 Oct 2010 11:13:50 +0200
- To: "Rigo Wenning" <rigo@w3.org>, "David Singer" <singer@apple.com>
- Cc: "Mark Lizar" <mark@smartspecies.com>, <public-privacy@w3.org>
Nothing in the laws/regulations we have prescribe a particular form of notice, and I think that's the right approach from a legal perspective. There's nothing in the law keeping us from innovating here. On the other hand, the existing regulatory frameworks create misaligned incentives - it's what's led to heavy privacy notices and burdensome SAR processes. Legalistic privacy notices and customer-support based SARs are cheap and legally proven to be sufficient. Companies won't splash out with heavy investment in alternative (and legally unproven) compliance systems without some kind on external pressure. But if someone can show that it works, and provides the resources so that companies can cheaply and easily implement, I don't doubt that they will. I think standards bodies and industry organizations have an important role to play here, and I'd rather work towards better notice in that context than push for regulation. -----Original Message----- From: public-privacy-request@w3.org [mailto:public-privacy-request@w3.org] On Behalf Of Rigo Wenning Sent: 19 October 2010 23:48 To: David Singer Cc: Mark Lizar; public-privacy@w3.org Subject: Re: Evolving Notice and Consensus for W3 to consider OECD Input David, trouble is: If we keep out, we have to swallow whatever people bake out that are considerably less technically savvy than people I've seen so far discussing here. Hands off will just bring you unrealistic expectations from the regulators transformed into unusable laws. The OECD Guidelines are a beacon in the privacy sphere. All the principle that you're regularly smacked with come from there: data minimization, finality etc. The EU Directive is an implementation of the OECD Guidelines. But in 1980, they weren't not really able to predict the development of the Internet. So there needs to be some renovation. So it might be nice to engage in the rather high level discussions and figure out, which of the high level requirements causes the most pain for implementations of web apps, device apis and the like... This will allow us to set expectations of what is achievable and not end up with a set of rules that is unrealistic, tortures technologists and doesn't really help consumers. Maybe think about it again. But I can understand your reluctance... Best, Rigo On Tuesday 19 October 2010 23:28:50 David Singer wrote: > I think your thoughts are good, but I also think that the W3C's mind is a > long way from being clear enough to make recommendations to governmental > or other powerful bodies. And I think 'advocating regulation' to these is > dangerous. One never knows what will, in fact, emerge from a political > process.
Received on Wednesday, 20 October 2010 09:15:07 UTC