- From: John Simpson <john@consumerwatchdog.org>
- Date: Wed, 1 Feb 2012 12:39:38 -0800
- To: Justin Brookman <justin@cdt.org>
- Cc: public-tracking@w3.org
- Message-Id: <76502B0F-A4DB-4D40-9E48-2CAFCB04C659@consumerwatchdog.org>
This is is different than saying that the standard does not attempt to override applicable laws. Justin's language is aimed at telling the user that a party has been legally required to gather data despite DNT 1. I like it and would be inclined to make it a "must." On Jan 31, 2012, at 1:01 PM, Justin Brookman wrote: > Revising Jonathan's text based on this string: > > A party MAY take action contrary to the requirements of this standard if compelled by applicable law. If compelled by applicable law to collect, retain, or transmit data despite receiving a DNT:1 signal for which there is no exception or exemption, the party SHOULD notify affected users to the extent practical and allowed by law. > > I suggest "applicable law" instead of "mandatory legal process" both to accommodate David's concern about using contract to compel and because a statute could mandate the retention of IP logs (for example) without serving a subpoena or court order (which is what "process" means to me). Feel free to revise the terms "exception or exemption" --- I was trying to convey the two scenarios of > (1) operational data collection/use/retention is allowed even if DNT is on and/or > (2) the user has given permission to a company to track, > but I haven't gotten all the way through the ponderous thread on the meanings of exception/exemption. > > I also don't think a requirement to tell users when DNT is being ignored because of government action is at all out of scope. I'm suggesting SHOULD as a placeholder but think a MUST is worth a discussion. However, it's relevant to note that we don't require (or even offer SHOULD guidance) that companies inform users about operational collection/usage/retention (exceptions???) that is allowed despite the DNT header. > Justin Brookman > Director, Consumer Privacy Project > Center for Democracy & Technology > 1634 I Street NW, Suite 1100 > Washington, DC 20006 > tel 202.407.8812 > fax 202.637.0969 > justin@cdt.org > http://www.cdt.org > @CenDemTech > @JustinBrookman > > On 1/31/2012 2:40 PM, Shane Wiley wrote: >> >> If the concern is that a party can somehow contract their way out of DNT compliance (versus other types of legal/government obligations) then I’m fine with calling that out more directly. >> >> - Shane >> >> From: David Singer [mailto:singer@apple.com] >> Sent: Tuesday, January 31, 2012 12:36 PM >> To: Shane Wiley >> Cc: John Simpson; Amy Colando (LCA); Joanne Furtsch; MeMe Rasmussen; Tom Lowenthal; Jonathan Mayer; public-tracking@w3.org >> Subject: Re: Mandatory Legal Process (ACTION-57, ISSUE-28) >> >> >> On Jan 31, 2012, at 19:22 , Shane Wiley wrote: >> >> >> Agreed – NO text seems like the appropriate path (in agreement with Amy and John). >> >> well, the rationale was way back at the end of the thread. it's two-fold: >> >> a) you can send DNT, but don't forget that tracking may still happen if legally required - there is a 'legislation exception' >> b) a notification of a 'legislation exception taken' will be signaled if legally possible, but under some laws, notification itself is not allowed. >> >> we can also explain that having a *contract* that 'forces' you to track is not a valid exception... >> >> David Singer >> Multimedia and Software Standards, Apple Inc. >> ---------- John M. Simpson Consumer Advocate Consumer Watchdog 1750 Ocean Park Blvd. ,Suite 200 Santa Monica, CA,90405 Tel: 310-392-7041 Cell: 310-292-1902 www.ConsumerWatchdog.org john@consumerwatchdog.org
Received on Wednesday, 1 February 2012 20:40:07 UTC