- From: Walter van Holst <walter.van.holst@xs4all.nl>
- Date: Sun, 13 Jan 2013 20:36:49 +0100
- To: public-tracking-international@w3.org, public-tracking@w3.org
On 1/12/13 9:16 PM, Shane Wiley wrote: > Don’t you believe it’s a bit premature to integrate elements of an > unofficial version of the Data Protection Regulation into the > de-identification discussion? There is still considerable time (in > parliamentary terms) for the draft regulation to undergo significant > changes prior to voting. Dear Shane, I would concur that it is somewhat premature to discuss the fluctuating texts of the DPR right now. The long standing interpretation of the DPD by the Article 29 Working Party is that pseudonymous data is personal data. Moreover, the consensus in Europe seems to be that tracking across domains is stretching the legitimate interest as a valid ground for processing of such personal data way beyond the legislative intent for 'legitimate interest' as valid ground for processing. Lastly, the proposal by Jan Albrecht still wouldn't be a 'get out of jail free' card for what I understand (without knowing what industry practices actually are) is commonly done in the behavioural advertising world. So it still wouldn't be terribly helpful for defining DNT:0, especially since it clearly states that it can only be used within a specific context, which in case of tracking almost never is the case. Civil Society isn't too keen on introducing a third category of data at all. We firmly believe data is personal or it is anonymous. Pseudonymity tends to turn out to be personal in the not-even-so-long run. So yes, let's stick to the current legislative frameworks. The future of the DPR is too uncertain right now to take it into account too much. Regards, Walter
Received on Sunday, 13 January 2013 19:39:10 UTC