Re: Proposals for Compliance issue clean up

Hi Rob,

On 11/11/12 9:58 PM, Rob Sherman wrote:
> On the substance of Shane's proposal, though, I'd suggest that it be
> modified along the lines of my correspondence with Shane
> (http://lists.w3.org/Archives/Public/public-tracking/2012Oct/0310.html) to
> make clear that there are situations in which information is "declared
> data" even if it is not "directly and expressly supplied by a user to a
> party."  As described in the thread, Shane and I agreed that this concept
> includes a situation in which the user authorizes sharing of information
> but does not "directly and expressly suppl[y]" it.  (For example, we
> agreed that if you specifically authorize an app to publish information
> about actions you take within the app to your Facebook timeline (or
> specifically authorize Facebook to receive that information), that
> information would be deemed "declared data" as to Facebook even though it
> is not provided "directly" by the user to Facebook.)
It sounds like what you're saying is that "declared data" includes any 
data and any purpose for which a user has given consent. This is just a 
question of what is adequate consent for various uses of data. If the 
user gives consent for a use, then that's fine. Why should the DNT spec 
say anything about it?

-David

Received on Monday, 12 November 2012 13:19:42 UTC