- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Wed, 25 Jan 2012 10:28:55 -0800
- To: Jonathan Mayer <jmayer@stanford.edu>
- CC: Tom Lowenthal <tom@mozilla.com>, David Singer <singer@apple.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Jonathan, I don't believe it's appropriate to state if you want to be DNT compliant you now need to sign-up for legal disclosures that have NOTHING to do with DNT. I believe this is an overreach to provide generally greater privacy protections for consumers in general - but outside of the scope of DNT. While I generally agree with the sentiment, this is not the right location for it. - Shane -----Original Message----- From: Jonathan Mayer [mailto:jmayer@stanford.edu] Sent: Wednesday, January 25, 2012 7:22 PM To: Shane Wiley Cc: Tom Lowenthal; David Singer; public-tracking@w3.org Subject: Re: Mandatory Legal Process (ACTION-57, ISSUE-28) The text I've proposed addresses web information practices for DNT users. By all means argue why organizations shouldn't inform their users of compelled disclosure, but I think this text is unambiguously within the working group's scope. On Jan 25, 2012, at 7:15 PM, Shane Wiley wrote: > I believe attempts to "add on" to the party responsibilities within legal process "outside of the DNT standard" is outside of scope of the working group. Instead I would suggest the preamble of each document simply state "this standard is not intended to override local, state, or country law." > > - Shane > > -----Original Message----- > From: Tom Lowenthal [mailto:tom@mozilla.com] > Sent: Wednesday, January 25, 2012 7:11 PM > To: David Singer; public-tracking@w3.org > Subject: Re: Mandatory Legal Process (ACTION-57, ISSUE-28) > > I don't think we need anything apart from Jonathan's text. I'd argue that for process applied to data collected in a third party capacity, notification is a must; for first party data, a should; and for any breach where you must notify some users, you must notify all users. > > On Wed 25 Jan 2012 06:43:06 PM CET, David Singer wrote: >> >> On Jan 25, 2012, at 16:12 , Jonathan Mayer wrote: >> >>> Proposed text: >>> >>> A party MAY take action contrary to the requirements of this standard if compelled by mandatory legal process. To the extent allowed by law, the party MUST (SHOULD? MAY? non-normative?) notify affected users. >> >> which means we need a 'legal exception'? >> >> >> >> David Singer >> Multimedia and Software Standards, Apple Inc. >> >> >
Received on Wednesday, 25 January 2012 18:29:54 UTC