RE: [Issue-5][Action-78] Remember to forget me

I apologize for being offline so long. I had other work that I needed to focus on. Responses below.

JC

-----Original Message-----
From: Karl Dubost [mailto:karld@opera.com] 
Sent: Friday, February 10, 2012 12:35 PM
To: JC Cannon
Cc: Vincent Toubiana; public-tracking@w3.org
Subject: Re: [Issue-5][Action-78] Remember to forget me


Le 2 févr. 2012 à 19:44, JC Cannon a écrit :
> Are you indicating that 3rd parties must go back through raw logs or processed data to erase the referrer de-identify the entry? If the former this will near impossible for companies who collect an enormous amount of logs daily.

This is a reasonable argument, but then the other solution would be to opacify the data on the spot and/or not record them at all.
Which one is the most reasonable? 

Shutting down options without proposing new ones doesn't help the discussion.

[JC] Keeping a separate set of logs and applying a DNT retention period to that set of logs seems like a reasonable approach. However, it will take time to modify systems to support this change. De-identification is another possible approach, though we need to specify the level of de-identification that is acceptable. Unlinkability could be a good measure.


>> - A User-Agent sending DNT:1 MAY prevent the transmission of cookies and other identifiers that are sent with the request.
> If cookie suppression occurs at the client it will override exceptions that may be place for a site.


exceptions of which nature? opt-in cookies and/or opt-out cookies. 
It might be interesting to develop a solution where this is manageable by sites. STill need to think about that.





-- 
Karl Dubost - http://dev.opera.com/
Developer Relations, Opera Software

Received on Sunday, 12 February 2012 19:30:49 UTC