- From: Vinay Goel <vigoel@adobe.com>
- Date: Wed, 6 Mar 2013 06:57:36 -0800
- To: Rigo Wenning <rigo@w3.org>
- CC: David Wainberg <david@networkadvertising.org>, Haakon Bratsberg <haakonfb@opera.com>, "public-tracking-international@w3.org" <public-tracking-international@w3.org>
Hi Rigo, I don't think your statement "So everybody has to behave like a 3rd party in DNT" is how it will play out. I don't expect most global companies to modify its web servers, analytics practices, and onsite optimization services so that it will treat itself as a first party on www.company.com, www.company.ch, etc., but treat itself as a third party on www.company.uk. It will not be easy for a company to programmatically treat itself as a 3rd party for its EU websites; especially when the site is www.company.com/uk. For global companies that set global policies and need consistent systems/approaches/privacy policies across the globe, I expect them to treat the DNT signal the same regardless of market; and those global companies will do whatever they need to do outside of DNT for legal compliance. I can't speak for other global companies, but I can speak for how Adobe is considering its global compliance obligations. I still think a fair discussion at the Global Considerations workshop is how companies actually plan to implement this globally. -Vinay On Mar 5, 2013, at 10:04 AM, Rigo Wenning <rigo@w3.org> wrote: > Vinay, > > > On Tuesday 05 March 2013 08:46:53 Vinay Goel wrote: >> Perhaps I'm missing something here, but unless we change what a >> website can no longer do when it receives DNT:1 (ie. first party >> analytics and/or first party customization), isn't DNT only part of >> the solution to handle the restrictions of the ePrivacy Directive? > > One of the things that is already clear is that the 1st party/ 3rd party > distinction doesn't work for Europe. So everybody has to behave like a > 3rd party in DNT > >> I >> don't understand how DNT removes the entire need for websites to do >> window shades/other consent mechanisms for the use of cookies. > > This works via the Whereas 66 in the ePrivacy Directive: > Where it is technically possible and effective, in accordance with the > relevant provisions of Directive 95/46/EC, the user’s consent to > processing may be expressed by using the appropriate settings of a > browser or other application. > > Window shades are soooo ugly. We can get rid of them. > >> I >> think we should discuss in the Berlin workshop what compliance looks >> like for websites; and whether DNT is enough to comply with the >> ePrivacy Directive. > > That's the plan. The plan is to have DNT:1 as an implementation guide > for conformance and DNT:0 as a way to open up and do > business/personalization etc. >> >> Am I missing an interpretation/analysis that DNT (as currently drafted >> to not restrict 1st party analytics/customization) could equal >> compliance with the ePrivacy directive? > > again, 3rd party cross-site only comes from a requirement from the FTC > that isn't viable in Europe. Once you remove that distinction, > everything works fine so far IMHO. This is one of the things to discuss. > > --Rigo
Received on Wednesday, 6 March 2013 14:58:26 UTC