W3C home > Mailing lists > Public > public-tracking@w3.org > January 2012

Issue-5: Do Not Collect Identifiable Data

From: Ninja Marnau <nmarnau@datenschutzzentrum.de>
Date: Thu, 26 Jan 2012 14:56:05 +0100
Message-ID: <4F215B75.6020800@datenschutzzentrum.de>
To: "public-tracking@w3.org" <public-tracking@w3.org>
Issue 5

Do Not Collect Identifiable Data

I try to sum up, what we've discussed so far:

1. Collection: Third parties Must Not collect data to the extent possible.

	Don't set or collect unique identifiers (outside of exceptions or to 
answer a user-agent request).

2. Retention: Third parties must not retain any data which is 
identifiable outside
legitimate exceptions according to the DNT Compliance Document with a 
limited purpose

	Problematic are longer retention periods for identifiable data (e.g. IP 
Adresses)
	for purposes of security or litigation
	We want to address this by data segregation, purpose limitation, 
retention periods

3. Correlation: Third Parties Must Not correlate anything for the 
purpose of identifying a user


Best regards,
Ninja
-- 

Ninja Marnau
mail: NMarnau@datenschutzzentrum.de - http://www.datenschutzzentrum.de
Telefon: +49 431/988-1285, Fax +49 431/988-1223
Unabhaengiges Landeszentrum fuer Datenschutz Schleswig-Holstein
Independent Centre for Privacy Protection Schleswig-Holstein
Received on Thursday, 26 January 2012 13:54:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:30 UTC