- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Wed, 24 Oct 2012 13:07:41 -0700
- To: "Mike O'Neill" <michael.oneill@baycloud.com>, "'David Singer'" <singer@apple.com>
- CC: "public-privacy@w3.org" <public-privacy@w3.org>
Mike, Your assertion that EU law requires opt-in and that consent cannot be implied is incorrect and varies greatly by the ePrivacy Directive transposition details of each country. - Shane -----Original Message----- From: Mike O'Neill [mailto:michael.oneill@baycloud.com] Sent: Wednesday, October 24, 2012 12:54 PM To: 'David Singer' Cc: public-privacy@w3.org Subject: RE: TPAC breakout session - Is user agent Fingerprinting a lost cause? And a consent service can persist the state with a cookie in its own domain (which it gets user consent for). This works well in Europe because the law requires opt-in (consent cannot be implied). We still need DNT for 3rd party, which it is only good for anyway as things stand. Mike -----Original Message----- From: David Singer [mailto:singer@apple.com] Sent: 24 October 2012 19:12 To: JC Cannon Cc: public-privacy@w3.org Subject: Re: TPAC breakout session - Is user agent Fingerprinting a lost cause? On Oct 24, 2012, at 11:08 , JC Cannon <jccannon@microsoft.com> wrote: > If the user blocks cookies and is not logged into a service then how would a website be able to persist a user's consent? In a world where consent is sought and respected, why would the user block cookies? > > JC > > -----Original Message----- > From: David Singer [mailto:singer@apple.com] > Sent: Wednesday, October 24, 2012 11:01 AM > To: public-privacy@w3.org > Subject: Re: TPAC breakout session - Is user agent Fingerprinting a lost cause? > > I would like to think that fingerprinting is un-needed. One of the reasons I like the DNT approach is that it is, ideally, consensus-based on both sides. The alternative is the mutually hostile measure-counter-measure, at the end of which, no-one wins. > > Examples: > * if we block cookies, the sites find other ways to 'tag' us -- like fingerprints. So then we try to reduce the fingerprint surface. And so on. > * if we block 'known trackers', probably by host address, then the sites would probably start cycling their DNS, or masquerading under the name of a legitimate non-tracking entity (e.g. the first party), and so on. > > If a site wants to 'tag' me, I want it consensual and evident; cookies are much more evident than a fingerprint I cannot see. > > So, reacting to the thread title: what was the 'cause' that fingerprint was on, that might now be 'lost'? > > David Singer > Multimedia and Software Standards, Apple Inc. > > David Singer Multimedia and Software Standards, Apple Inc.
Received on Wednesday, 24 October 2012 20:19:56 UTC