- From: Ninja Marnau <nmarnau@datenschutzzentrum.de>
- Date: Thu, 26 Jan 2012 14:56:05 +0100
- To: "public-tracking@w3.org" <public-tracking@w3.org>
Issue 5 Do Not Collect Identifiable Data I try to sum up, what we've discussed so far: 1. Collection: Third parties Must Not collect data to the extent possible. Don't set or collect unique identifiers (outside of exceptions or to answer a user-agent request). 2. Retention: Third parties must not retain any data which is identifiable outside legitimate exceptions according to the DNT Compliance Document with a limited purpose Problematic are longer retention periods for identifiable data (e.g. IP Adresses) for purposes of security or litigation We want to address this by data segregation, purpose limitation, retention periods 3. Correlation: Third Parties Must Not correlate anything for the purpose of identifying a user Best regards, Ninja -- Ninja Marnau mail: NMarnau@datenschutzzentrum.de - http://www.datenschutzzentrum.de Telefon: +49 431/988-1285, Fax +49 431/988-1223 Unabhaengiges Landeszentrum fuer Datenschutz Schleswig-Holstein Independent Centre for Privacy Protection Schleswig-Holstein
Received on Thursday, 26 January 2012 13:54:40 UTC