- From: Tamir Israel <tisrael@cippic.ca>
- Date: Thu, 23 Aug 2012 20:23:58 -0400
- To: "Roy T. Fielding" <fielding@gbiv.com>
- CC: Justin Brookman <jbrookman@cdt.org>, public-tracking@w3.org
On 8/23/2012 8:19 PM, Roy T. Fielding wrote: > On Aug 23, 2012, at 4:58 PM, Tamir Israel wrote: > >> Hi Roy, >> >> On 8/23/2012 7:46 PM, Roy T. Fielding wrote: >>> To obtain explicit and informed prior consent, we have to do something >>> out of band that obtains explicit and informed consent. I don't >>> know exactly what that is, but I am sure it doesn't include giving >>> a pre-selected option in a dialog during initial installation/use >>> of an operating system default UA. >> Is this obligation (that out of band consent mechanisms must reflect explicit and informed user consent) in the TPE? > No, they are out of band mechanisms for the *purpose* of obtaining > explicit and informed prior consent. If the mechanisms don't work, > that's not our problem to solve [no implied permissions are given > just for trying]. But surely we should specify that compliance with the TPE includes ensuring out of band consent is only obtained by express means. Otherwise, since there's no obligation 'at large' to do so (at least in some jurisdictions), there's no reason to think that out of band consent will be anything of the sort. It could, in fact, be buried in a privacy policy or otherwise implied. Best, Tamir
Received on Friday, 24 August 2012 00:24:55 UTC