Re: tracking-ISSUE-147: Transporting Consent via the Exception / DNT mechanisms [Global Considerations] from Rigo Wenning on 2012-05-15 (public-tracking@w3.org from May 2012)

From: Rigo Wenning <rigo@w3.org>
Date: Tue, 15 May 2012 09:56:02 +0200
To: public-tracking@w3.org
Cc: Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org>
Message-ID: <7204249.YhuQFORgb4@hegel.sophia.w3.org>

This is not true. If the origin server has received a DNT;0 header, we also 
assume that the user has given his/her consent to be tracked. This goes way 
beyond what would be the situation without header. 

Rigo

On Monday 14 May 2012 21:17:10 Tracking Protection Working Group Issue 
Tracker wrote:
> tracking-ISSUE-147: Transporting Consent via the Exception / DNT
> mechanisms [Global Considerations]
> 
> http://www.w3.org/2011/tracking-protection/track/issues/147
> 
> Raised by: Matthias Schunter
> On product: Global Considerations
> 
> >From my perspective, the current mechanisms of DNT (exceptions and DNT;0)
> >only exempt a site from the constraints defined in the compliance spec.
> I.e., once a user has granted an exception, all things are back to
> 'normal'  and the usual legal constraints apply. As a consequence, after
> having obtained an exception, enterprises are back to the situation
> without DNT.
> 
> I'd like to trigger the discussion to what extend we want to and can
> piggyback consent on top of the DNT exception and DNT;0 mechanisms. The
> question are as follows: 1. "A user has granted an exception to a site,
> for what purposes can the data now be used by whom?" 2. How can we shape
> the permitted purposes/parties to fit normal user expectations?

Received on Tuesday, 15 May 2012 07:56:31 UTC