- From: Joseph Lorenzo Hall <joe@cdt.org>
- Date: Thu, 8 Oct 2015 09:50:37 -0400
- To: "Lukasz Olejnik (W3C)" <lukasz.w3c@gmail.com>
- Cc: public-tracking-comments@w3.org, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
On Tue, Oct 6, 2015 at 5:08 PM, Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com> wrote: >> >> There is a pretty big divide between US and EU models for consent and >> legal theories... Frederik Z-B and Aleecia MacDonald just presented a >> net paper at TPRC entitled "Do Not Track for Europe" that nicely >> outlines the pretty stark differences that the DNT standard would need >> to support to be usable in the EU: >> http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2588086 > > > Interesting. So instead of forking DNT one might be interested in making > sure all is set. The understanding and reasoning is that in order for the > DNT standard/tracking compliance be enforced and honored in practice, at > some point it will be necessary to engage regulatory bodies? Absolutely... I don't think anyone ever envisioned DNT as a technical enforcement mechanism (there was a similar line of work chartered for the WG that would have created Tracking Protection Lists, but I don't think that got very far despite MSFT IE implementing their idea about it in some flavor of IE). In the US, the State of California has a law on the books that requires internet companies that do business with california residents to state in their privacy policy what they do upon receipt of a DNT signal. If a company were to follow that law and put a statement in their privacy policy and if they were subsequently found to be doing something substantially different from what they state in their privacy policy, that could be a deceptive business practice that our Federal Trade Commission could investigate and enforce against. I'll stop here because I could have misunderstood your question and I may be in the weeds. best, Joe -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
Received on Thursday, 8 October 2015 13:51:35 UTC