- From: Alan Chapell <achapell@chapellassociates.com>
- Date: Mon, 02 Apr 2012 09:54:26 -0400
- To: Rigo Wenning <rigo@w3.org>, <public-tracking@w3.org>
- CC: Jeffrey Chester <jeff@democraticmedia.org>, Shane Wiley <wileys@yahoo-inc.com>, Jonathan Mayer <jmayer@stanford.edu>, David Singer <singer@apple.com>, John Simpson <john@consumerwatchdog.org>
HI Rigo - comments below. On 4/1/12 4:06 PM, "Rigo Wenning" <rigo@w3.org> wrote: >Alan, > >1/ we do not set standards at W3C, we issue Recommendations. Being >involved in >more traditional standardization, I know the difference between both and >I'm >happy to explain, but I assume you know this at least as much as I do. Thanks for the clarification, Rigo. You may want to direct this to Jonathan and Jeff - as they are the ones that seem to be pushing for this group to create consent standards. (Jonathan and Jeff - if there's a nuance I'm missing, please let me know.) > > >2/ We do technical specification here. And this means we define a certain >header that comes with a HTTP GET request. Now we define what the server >should do in case the server receives that header and wants to be >compliant to >the Recommendation. "Out-of-band" is creating the trouble, because it >imports >troubles from outside in our definition space and we have to decide in >how far >we accept that (see below) > >3/ Whether our factual specifications are accepted as "consent", >"meaningful >consent" or "informed consent" is not up to the Group as those >definitions are >under a different sovereignty. But what we can discuss is whether we want >to >align with requirements as defined elsewhere. We do that e.g. by trying >to get >some EU blessing with our tool so that it is really really useful for >industry >there and by inviting those others to our table. I'm not sure how aligning with a single jurisdiction's definition of consent isn't tantamount to creating a pan-world consent standard based upon that single jurisdictions laws. What works in the EU may not work elsewhere. Again - I may be missing a nuance here. > >So, to me, the consent discussion is a wrong discussion here, but has >some >merit. The problem of ISSUE-115 is that a user may not be consciously >logged >in. (see my other email). By allowing any "out-of-band" agreement to >trump >DNT, ALL other sovereign definitions will trump DNT, whatever they are. >This >will open the path back to the deep legalese that allows for all those >nice >surprises*. I like the coffee example - But the FTC and other regulators already have recourse if a business engages in these types of surprises. Do you agree? > And this is just giving in to any outside authority to invent >something that may serve as an argument to ignore the DNT signal and >STILL >claim compliance. Accordingly, we are back into reading 22 pages of >legalese >as they can tell whether the DNT signal will be ignored. And this would >even >be compliant. Again - regulators are free to take action to the extent they believe that 22 pages of legalese are unfair or deceptive based upon that jurisdictions legal framework. > This being compliant affects the value of the W3C Specification. >And W3C is the venue where we talk about W3C Specifications. That's why I >think we have a right to discuss criteria to put limitations on arbitrary >"out-of-band" agreements and when we accept that those can compliantly >top the >W3C Specification. > >This gives us a truckload of choices: > >1/ Try to really understand what Shane wants to avoid and define this to >get >the Spec closer to reality I think Shane has been pretty clear here. User consent trumps DNT. > >2/ Re-consider JC's solution to give DNT a meaning in a logged-in >scenario >(David, I disagree that this would be too subtle) > >3/ require "direct interaction" > >4/ explore the browser-maker outrage if we start telling them they should >show >us when we are logged in to something > >5/ Define the meaning of "logged in" for the compliance with the W3C >Specification > >etc ... > >If we brainstorm, there are more solutions.. > >Best, > >Rigo > >*My favorite example was that by buying a coffee maker you subscribed to >receiving a pound of coffee every week for 5 years at an outrageous >price. >(Court decision, Germany, 1957) > >On Thursday 29 March 2012 12:10:39 Alan Chapell wrote: >> I don't think the issue is regarding 'commitment' to meaningful >>consent. The >> issue is whether this is the appropriate forum to set pan-world >>standards >> for consent. Hence, I await some clarification from our co-chairs on >> process. > >
Received on Monday, 2 April 2012 13:55:44 UTC