- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Thu, 17 Nov 2011 07:22:32 -0800
- To: Karl Dubost <karld@opera.com>
- CC: John Simpson <john@consumerwatchdog.org>, Jules Polonetsky <julespol@futureofprivacy.org>, Nicholas Doty <npdoty@w3.org>, "Roy T. Fielding" <fielding@gbiv.com>, Mark Nottingham <mnot@mnot.net>, "<public-tracking@w3.org>" <public-tracking@w3.org>
Karl, This statement is an attempt to remove the concern that a 1st party, which will mostly likely not be subject to the DNT signal, does not have a backdoor opportunity to pass user data directly to a 3rd party (aka - closing a loop-hole). 3rd parties present on the 1st party's web site should honor the DNT signal directly. - Shane -----Original Message----- From: Karl Dubost [mailto:karld@opera.com] Sent: Thursday, November 17, 2011 5:40 AM To: Shane Wiley Cc: John Simpson; Jules Polonetsky; Nicholas Doty; Roy T. Fielding; Mark Nottingham; <public-tracking@w3.org> Subject: Re: "cross-site" Le 16 nov. 2011 à 23:30, Shane Wiley a écrit : > Alter statement to read "First parties must NOT share user specific data with 3rd parties for those user who send the DNT signal and have not granted a site-specific exception to the 1st party." This will leave room for sharing with Agents/Service Providers/Vendors to the 1st party -- as well as sharing aggregate and anonymous data with "others" (general reporting, for example). I guess you mean s/DNT signal/DNT:1 signal" Trying to understand what you are saying. 1. User sends DNT:1 to a website with domain name www.example.org 2. www.example.org collects data about the user (IP address and categories of pages the user visits) 3. Company Acme Hosting Inc. (a 3rd party) has access to these data NOT through the Web but through an access to the logs file. What is happening? -- Karl Dubost - http://dev.opera.com/ Developer Relations & Tools, Opera Software
Received on Thursday, 17 November 2011 15:24:18 UTC