- From: Rob van Eijk <rob@blaeu.com>
- Date: Fri, 12 Oct 2012 19:09:33 +0200
- To: <public-tracking@w3.org>
Roy, For THIRD-party compliance with the ePrivacy directive, the EFF/Mozilla/Standford proposal looks very promising. Also, the direction of the exception API proposal from Microsoft/Mozilla/Google during the Face-2-Face meeting in Amsterdam looks promosing to me too. I need some more time to look at it in detail if it meets criteria like integrity of the list, transparency to the user and control to the user. The revised api may tackle two problems: 1. a move away from a pop-up dialog scenario, and 2. storage of in-browser user consent instead of a out-of-band consent scenario. We have no disagreement when it comes to defining key definitions that fixate inter-dependent concepts. Because of the inter-dependency, these definitions need to be addressed in the compliance doc, not the global considerations note. Rob Roy T. Fielding schreef op 2012-10-12 09:49: > On Oct 11, 2012, at 3:36 PM, Rob van Eijk wrote: > >> With all respect, the TPWG is working towards affirmative opt-in >> consent for third-party web tracking. > > It is? How so? Thus far, the working group has refused to > define tracking, refused to define DNT, refused to define what > DNT:0 implies for a recipient, refused to require an opt-in > signal be implemented by browsers, refused any discussion of UI > for informing consent, and you and Ninja have repeatedly stated > that a global setting of DNT:0, even if deliberately set by a > user because they just don't care about pseudonymous privacy > concerns, would still not satisfy the EU requirements for > specific and informed consent. > > Please, how on earth do you expect us to work on an affirmative > opt-in consent mechanism for third-party tracking when you've > made it unlikely that any browser-based consent mechanism will be > implemented and impossible for a server to use the DNT mechanisms > to inform the user, be specific about what is being consented, > and be reasonably assured that all of the consent options will > be presented to that user? > > What is the point of having an exception mechanism that might > (if anyone implements it) send a DNT:0 signal to a third-party > server if this group cannot agree that such a signal will > indicate an explicit and informed consent for data collection > for a specific set of purposes? > > Industry in Europe will obey the laws, but they will have to do > so using cookies and out-of-band consent mechanisms because > some privacy advocates in this working group are so consumed > with self-righteousness that they cannot even allow a user > to make their own choices. > > If you want DNT to be usable as an opt-in mechanism for EU, > as I do, then you need to insist that the working group > defines tracking, defines DNT:0, defines what it means > when DNT:0 is received, and requires browsers to implement > that consent mechanism if they implement DNT:1, at least to > an extent necessary to satisfy those EU laws. > > I am sick and tired of EU regulators blaming industry for lack > of progress on DNT when it has been the non-implementers in > this group that have refused to define anything necessary for > obtaining specific and informed consent. > > ....Roy
Received on Friday, 12 October 2012 17:10:03 UTC