RE: Status of First-Party Sets

Google have bound<https://assets.publishing.service.gov.uk/media/62052c6a8fa8f510a204374a/100222_Appendix_1A_Google_s_final_commitments.pdf> themselves to work to GDPR globally. As far as Google and their employees are concerned when it comes to privacy GDPR provides the sole definition. Anything else is irrelevant until 2028.

“Applicable Data Protection Legislation” means all applicable data protection and privacy legislation in force in the UK, including the Data Protection Act 2018, the UK General Data Protection Regulation (and regulations made thereunder) and the Privacy and Electronic Communications (EC Directive) Regulations 2003

That means dropping first and third party terminology and justifications.

Standards and their development also need to be competitively neutral and aligned to laws.

From: Daniel Veditz <dveditz@mozilla.com>
Sent: 07 June 2022 04:30
To: James Rosewell <james@51degrees.com>
Cc: public-privacycg@w3.org
Subject: Re: Status of First-Party Sets

On Sat, Jun 4, 2022 at 12:52 AM James Rosewell <james@51degrees.com<mailto:james@51degrees.com>> wrote:
Only data controllers and processors matter under GDPR.

The GDPR protects only a minority of the people who use the web. Standards have to describe technical solutions that will work for everyone else, too.


This email and any attachments are confidential and may also be privileged. If you are not the named recipient, please notify the sender immediately and do not disclose, use, store or copy the information contained herein. This is an email from 51Degrees.mobi Limited, Davidson House, Forbury Square, Reading, RG1 3EU. T: +44 118 328 7152; E: info@51degrees.com; 51Degrees.mobi Limited t/as 51Degrees.