- From: Nick Doty via cvs-syncmail <cvsmail@w3.org>
- Date: Tue, 28 Aug 2012 21:01:10 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts In directory hutz:/tmp/cvs-serv28369 Modified Files: tracking-compliance.html Log Message: re-adding justin's changes, inadvertently overwritten by heather Index: tracking-compliance.html =================================================================== RCS file: /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html,v retrieving revision 1.69 retrieving revision 1.70 diff -u -d -r1.69 -r1.70 --- tracking-compliance.html 28 Aug 2012 20:10:44 -0000 1.69 +++ tracking-compliance.html 28 Aug 2012 21:01:08 -0000 1.70 @@ -806,6 +806,27 @@ <p>Outside of Security and Frequency Capping, data retained for Permitted Uses MUST NOT be used to alter a specific user's online experience based on multi-site activity.</p> </section> +<section id="no-persistent-identifiers"> +<h5>No Persistent Identifiers</h5> + +<p class="option">A third party may only collect, use, and retain for permitted uses +information that a user agent necessarily shares with a web server when it communicates +with the web server (e.g. IP address and User-Agent), and the URL of the top-level page, +communicated via a Referer header or other means, unless the URL contains information +that is not unlinkable (e.g. a username or user ID).</br></br>A third party may not +collect, use, or retain information that a web server could cause to not be sent but +still be able to communicate with the user agent (e.g. a cookie or a Request-URI +parameter generated by the user agent), except the URL of the top-level page, or any data +added by a network intermediary that the operator of a web server has actual knowledge of +(e.g. a unique device identifier HTTP header).</p> +<p class="note">The EFF/Mozilla/Stanford proposal is heavily dependent upon a requirement +that permitted use data is not correlated to a unique cookie or other persistent +identifier. This issue remains one of the biggest areas of dispute in the working group, +as the industry proposal allows for the use of cookies and other unique identifiers by +third parties despite a DNT:1 instruction.</p> +</section> + + <!-- <p class="issue" data-number="24" title="Possible permitted use for fraud detection and defense"></p> <p class="issue" data-number="25" title="Possible permitted use for research purposes"></p>
Received on Tuesday, 28 August 2012 21:01:11 UTC