ACTION-169 ISSUE-61 same-party relations

Hi all, 

at our Washington F2F meeting, I was tasked to write up text describing "if 
your privacy policies don't match, don't claim an associated domain". This 
was subsequent to a discussion on 12 April:
Rigo: If we allow for lists where somebody can say "a,b,c,d,e belong to me 
and are the same" and A responds that they honor DNT, and the rest don't, 
and A says 'not my business', then you go into a problem saying that if you 
state that others belong to you, you have to take responsibility for that

This addresses Section 5.2.2 Representation of the Tracking Preference 
Expression Specification:

I suggest to add the following text: after the paragraph starting with 
"An optional member named same-party may"
If a legal entity responsible for the orgin-server making such declarations 
of additional domains in the <code>same-party</code> field is responsible 
for the correctness of the statements made about those <code>same-
party</code> sites in the file on the origin-server as if it would be a 
representation about the origin-server itself. 

I encourage all to look at
Where P3P 1.1 solved the same issue.



Received on Friday, 4 May 2012 08:37:28 UTC