- From: CVS User rfieldin <cvsmail@w3.org>
- Date: Fri, 20 Mar 2015 13:46:12 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv13928/drafts
Modified Files:
tracking-dnt.html
Log Message:
Remove section on transitive exceptions since it adds nothing to the protocol, but rather states a set of requirements on compliance regarding transferred consent. This section is expected to be picked up by TCS
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2015/03/20 13:37:36 1.280
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2015/03/20 13:46:12 1.281
@@ -2033,59 +2033,6 @@
</section>
- <section id="transitive-exceptions">
- <h2>Transfer of an exception to another third party</h2>
- <p>A site may request an exception for one or more third party services used in
- conjunction with its own offer. Those third party services may wish to use
- other third parties to complete the request in a chain of interactions. The
- first party will not necessarily know in advance whether a known third party
- will use some other third parties.</p>
-
- <p>If a user agent sends a tracking exception to a given combination of origin
- server and a named third party, the user agent will send <code><a>DNT:0</a></code> to that named
- third party. By receiving the <code><a>DNT:0</a></code> preference, the named third party acquires
- the permission to track the user agent and collect the data and process it
- in any way allowed by the legal system it is operating in.</p>
-
- <p>Furthermore, the named third party receiving the <code><a>DNT:0</a></code> header acquires at
- least the right to collect data and process it for the given interaction and
- any other use unless it receives a <code><a>DNT:1</a></code> from that particular
- identified user agent.</p>
-
- <p>The named third party is also allowed to transmit the collected data for
- uses related to <strong>this</strong> interaction to its own
- sub-services and sub-sub-services (transitive permission).
- The tracking permission request triggered
- by the origin server is thus granted to the named third party and its
- sub-services. This is even true for sub-services that would normally receive a
- <code><a>DNT:1</a></code> web-wide preference from the user agent if the user agent
- interacted with this service directly.</p>
-
- <p>For advertisement networks this typically would mean that the collection and
- auction system chain can use the data for that interaction and combine it
- with existing profiles and data. The sub-services to the named third party
- do not acquire an independent right to process the data for independent
- secondary uses unless they, themselves, receive a <code><a>DNT:0</a></code>
- preference from the user agent (as a result of their own request or the request of
- a first-party). In our example of advertisement networks that
- means the sub-services can use existing profiles in combination with the
- data received, but they can not store the received information into a
- profile until they have received a <code><a>DNT:0</a></code> of their own. </p>
-
- <p>A named third party
- acquiring an exception with this mechanism MUST make sure that sub-services
- it uses acknowledge this constraint by requiring the use of the appropriate
- tracking status <a href="#tracking-status-value">value</a> of 'C' (consent),
- and an appropriate qualifier defined by the compliance regime(s) that
- they operate under that indicates this transfer; the
- <a href="#dfn-qualifiers">qualifier</a> "t" (transferred) is suggested.</p>
-
- <p>The permission acquired by the DNT mechanism does not override retention
- limitations found in the legal system the content provider or the named
- third party are operating in.</p>
-
- </section>
-
<section id="exceptions-ui" class="informative">
<h2>User interface guidelines</h2>
Received on Friday, 20 March 2015 13:46:13 UTC