W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

Re: Propose to drop from the strawman: requirement for privacy policy disclosure

From: John Simpson <john@consumerwatchdog.org>
Date: Tue, 25 Oct 2011 17:32:20 -0700
Message-Id: <7136532B-E1EB-4F96-B086-88CD7799A73D@consumerwatchdog.org>
Cc: public-tracking@w3.org
To: Justin Brookman <justin@cdt.org>
I agree with Justin.

On Oct 25, 2011, at 2:50 PM, Justin Brookman wrote:

> A lot of this effort is dedicated to verifiability --- isn't that why we've spent so much time discussing the sending of compliance headers?  Having an accountable statement of compliance is another effort at that.  I suppose you could make an argument that it should be in the technical spec instead of the compliance spec (though I would disagree), but especially if third-party header responses are deemed optional or a Bad Idea, the spec needs to lay out how to communicate to consumers that the header is being respected.  If the header just flies into the blue with no standardized way to disclose compliance, this process seems destined to fail; if nothing else, privacy policy disclosure should be considered as an alternative to automated header responses.
> Justin Brookman
> Director, Consumer Privacy Project
> Center for Democracy & Technology
> 1634 I Street NW, Suite 1100
> Washington, DC 20006
> tel 202.407.8812
> fax 202.637.0969
> justin@cdt.org
> http://www.cdt.org
> @CenDemTech
> @JustinBrookman
> 
> On 10/25/2011 5:16 PM, David Wainberg wrote:
>> 
>> Section 6.4 of the Compliance and Scope document states, "In order to be compliant with this specification, an operator of a third-party domain must clearly and unambiguously assert in the privacy policy governing that domain that it is in compliance with this specification." Such a requirement is out of scope of this standard and should not be included in the strawman. While it may be in scope to create tools that facilitate auditing and enforcement by other entities, it is not the role of this technical standard to impose legal requirements for compliance. Any such requirements will come from entities with relevant authority, e.g. Congress or the FTC in the US.

----------
John M. Simpson
Consumer Advocate
Consumer Watchdog
1750 Ocean Park Blvd. ,Suite 200
Santa Monica, CA,90405
Tel: 310-392-7041
Cell: 310-292-1902
www.ConsumerWatchdog.org
john@consumerwatchdog.org
Received on Wednesday, 26 October 2011 14:12:46 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:41 UTC