Re: Geolocation compliance (ACTION-165)

Hi Ian, 

do you see an issue if we only talk about postal code? Is there another 
measure instead? I think we should tell the geolocation folks to also look 
at our specification if DNT can be utilized for better consent interfacing 
in case of location services. 

And I agree that we have some logical break if the geolocation wants consent 
and the DNT specification says tracking at postal code level is fine. But 
IMHO this is a tricky issue. So leaving the break where it is is an option 



On Tuesday 24 April 2012 19:36:56 Ian Fette wrote:
> Currently the definition/compliance document states "Geo-location
> information that is more granular than postal code is too granular.
> Geolocation data must not be used at any level more granular than postal
> code. Note that while the number of people living in a postal code varies
> from country to country, postal codes are extant world-wide.
> If specific consent has been granted for the use of more granular location
> data, than that consent prevails."
> There exists a browser API to gain potentially very fine-grained
> (GPS-level) location information, this has a built-in consent mechanism.
> I would propose adding into Non-Normative Discussion in the geolocation
> compliance section the following.
> "The Geolocation API [1] available in web browsers is one mechanism by
> which fine-grained location information can be requested by a website.
> This API ensures that location information is only sent with the express
> permission of the user. Use of this API would be an example of specific
> consent being granted for the use of more granular location data. A user
> explicitly typing a location into a website, such as entering an address
> in a form or selecting a location on a map, would also be an example of
> specific consent being granted."
> with the link to the API for [1] at
> -Ian

Received on Wednesday, 25 April 2012 07:31:10 UTC