Re: [ISSUE-5] What is the definition of tracking?

* Aleecia M. McDonald wrote:
>Bjoern is correct that the charter is very broad. Several people agree
>with the idea that we must figure out why we are here, what we want to
>accomplish, and we should start with principles like what is privacy,
>does privacy matter and if so to whom, and so forth. While I have some
>sympathy for that view, I've pushed not to have those discussions.

I have not seen anyone arguing the Working Group should debate whether
privacy matters, but if the Working Group does not figure out what it
wants to accomplish, arguments and confusion about that will be part of
all discussions on individual issues. As I understood it, Kevin Smith
said that is indeed happening. If the Working Group would settle on a
definition of dnt-relevant tracking, without actually formulating what
it wants to accomplish more generally, the problem would likely remain,
as the tracking definition by itself will not guide discussions around,
for instance, which exemptions the Working Group should adopt, while a
formulation of the Working Group's goals would.

I note that this could be as simple as saying the goal is that when a
user only uses web sites where all components are dnt-compliant, they
can be sure they are not being tracked. As it is, we are finding out
whether that is a goal piece by piece through the tracking definition,
the defintions of all the exemptions the group is likely to consider,
and so on. Maybe that is a or the goal, maybe it's not, we don't know.

>What does "collection" mean, anyway? Are IP addresses collected even if
>they are not logged? What about Germany's laws around IP addresses? If
>we take the broad question of "collection or not?" we could spend a lot
>of energy and still not have standards language. And yet. When we had a
>phone conference, we agreed in extraordinarily short time that third
>parties receiving DNT: 1 stop data collection, unless covered by an

If the Working Group was to formulate its goals, I would expect that it
would come up that people charged with implementing dnt-compliance on
their site would like to read the compliance specification and then get
to work, without contacting philosophers or lawyers specifically for
dnt-compliance, to grasp the meaning of requirements like to "stop data
collection". You seem to be saying that is a non-goal, everyone should
or will have to figure out on their own what "collection" means. That'd
be a bit of a surprise, which is precisely why I find it important to
have properly documented goals.
Björn Höhrmann · ·
Am Badedeich 7 · Telefon: +49(0)160/4415681 ·
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · 

Received on Tuesday, 13 December 2011 01:21:52 UTC