Global Considerations

Hi Rigo / Rob,

The value of any Global considerations work would go up exponentially if
the EU regulators were in position to define precisely what it will take
for them it to meet the criteria for ePrivacy. The Global considerations
work is a bit of a leap of faith without some indication that the group
will get some clarity here. Remember, you're asking people to spend even
more time and energy on this - over and above the TPWG. Absent a
discernible path to success, that may be a tough sell.

Similarly, (and I may be in the minority here) but I think its a bit
premature for the W3C to be looking to address new privacy and public
policy challenges when we haven't really demonstrated whether this is the
most productive venue to address DNT. (http://www.w3.org/2012/dnt-ws/)

Alan





On 10/12/12 5:30 PM, "Rigo Wenning" <rigo@w3.org> wrote:

>Roy, 
>
>I'm working on it. Please help with the global considerations! I
>still think that defining tracking will lead us into one infinite
>rathole, so I try to avoid that. But for the rest, I must admit I
>lost with you: 
>
>- I want to have a definition of what we can "at least" do with
>DNT;0
> - I want to have authorities accepting opt/in/out signals (or just
>opt-signals)
> - I don't think Rob has definitely closed the door on whether we
>can meet the EU requirements, so I have some hope with global
>considerations. 
>
>Rigo
>
>On Friday 12 October 2012 00:49:43 Roy T. Fielding wrote:
>> On Oct 11, 2012, at 3:36 PM, Rob van Eijk wrote:
>> > With all respect, the TPWG is working towards affirmative opt-in
>> > consent for third-party web tracking.
>> It is?  How so?  Thus far, the working group has refused to
>> define tracking, refused to define DNT, refused to define what
>> DNT:0 implies for a recipient, refused to require an opt-in
>> signal be implemented by browsers, refused any discussion of UI
>> for informing consent, and you and Ninja have repeatedly stated
>> that a global setting of DNT:0, even if deliberately set by a
>> user because they just don't care about pseudonymous privacy
>> concerns, would still not satisfy the EU requirements for
>> specific and informed consent.
>> 
>> Please, how on earth do you expect us to work on an affirmative
>> opt-in consent mechanism for third-party tracking when you've
>> made it unlikely that any browser-based consent mechanism will be
>> implemented and impossible for a server to use the DNT mechanisms
>> to inform the user, be specific about what is being consented,
>> and be reasonably assured that all of the consent options will
>> be presented to that user?
>> 
>> What is the point of having an exception mechanism that might
>> (if anyone implements it) send a DNT:0 signal to a third-party
>> server if this group cannot agree that such a signal will
>> indicate an explicit and informed consent for data collection
>> for a specific set of purposes?
>> 
>> Industry in Europe will obey the laws, but they will have to do
>> so using cookies and out-of-band consent mechanisms because
>> some privacy advocates in this working group are so consumed
>> with self-righteousness that they cannot even allow a user
>> to make their own choices.
>> 
>> If you want DNT to be usable as an opt-in mechanism for EU,
>> as I do, then you need to insist that the working group
>> defines tracking, defines DNT:0, defines what it means
>> when DNT:0 is received, and requires browsers to implement
>> that consent mechanism if they implement DNT:1, at least to
>> an extent necessary to satisfy those EU laws.
>> 
>> I am sick and tired of EU regulators blaming industry for lack
>> of progress on DNT when it has been the non-implementers in
>> this group that have refused to define anything necessary for
>> obtaining specific and informed consent.
>> 
>> ....Roy
>
>

Received on Monday, 15 October 2012 17:10:13 UTC