- From: Walter van Holst <walter.van.holst@xs4all.nl>
- Date: Wed, 24 Oct 2012 14:20:19 +0200
- To: public-tracking@w3.org
On 10/24/12 1:56 PM, David Wainberg wrote: >>>> the onus is on me to explain privacy risks through examples >>> Please do. There continues to be reluctance to specify the exact risks >>> we're trying to address with this standard. It would be extremely useful >>> for us to finally enumerate the problems we're trying to solve so that >>> we can zero in on the appropriate solutions. Thanks! >> I am sorry David, but we're dealing here with fundamental human rights. >> To take a horrible historical analogy: there was much resistance against >> abolition of slavery in the Southern US states for economic reasons. > You're comparing online advertising to the enslavement and brutal abuse > of a race of people? With respect, I think hyperbole overshadows your > point, and some may even find it offensive. Perhaps you can think of a > more apt analogy. The core point stands: mere economic interest does not trump fundamental rights. And a society in which every thing you do, read and watch is monitored and registered, be it by private or government entities, is as close to a perfect prison as you can get. And I am not comparing online advertisement with enslavement, I am comparing the collection of every little piece of behaviour one can exhibit on in the online context for any purpose, be it advertising or something else, to enslavement. Online advertising was flourishing before behavioural advertising came along. > Aside from whether this point is hyperbole as well, it is irrelevant. > DNT as conceived by this working group will have little to no impact on > any Orwellian data collection. First parties online, all sorts of > parties offline, and more importantly, governments everywhere will > continue to have the ability to collect large amounts of data about all > of our behavior online and off. If that's the problem we're trying to > solve, we're way off base. Constraining the uses that 3rd parties are > allowed to make of data collected online will give no net benefit to > users in this regard. So you're stating that the whole DNT saga is without merit? If the point is not to allow users to restrict data collection, then what is it? > those, that might be a good route. For example, if access to data and > misuse of it by governments is a particular issue, let's explore that. > It's been mentioned regularly, but has never been approached as a > discrete concern we are trying to address. Governments will (and can in most jurisdictions) access all data gathered. Which in itself is justification for having as little data around as possible. If anything, may I recommend to have a chat with the European telco operators who have been forced to spend vast amounts of money on data retention schemes to satisfy the data hunger of governments? Without any tangible benefit for society whatsoever and all because some of them where keeping that data around anyway for potential marketing reasons. >> >> Do not forget that a lack of privacy also erodes freedom of expression >> by putting barriers to access information. > I'm not entirely sure I understand this point, but I think I see it > completely opposite. Third party online advertising services make > possible a much wider range of content and services than users would > have access to otherwise. Again, you are assuming that I am ranting against any form of third party online advertisement. I am fully aware that advertisement based business models have greatly contributed to the availability of content. What I am opposed to is the correlation of user behaviour over different contexts because it results in a collapse of social context. > This is not how it is in the US. Our law and our culture around these > issues are different. Although we have had many conversations in this > group about how we can try to craft DNT to suit needs in the EU, I'm not > sure there's an appetite here to import European law to the US via this > standard. This is the justification for my compliance token proposal: > there are significant differences we may not be able to accommodate in a > monolithic standard. > Actually, from a EU perspective this standard as a whole is unnecessary because most business practices, at least the one that are publicly known, in this field are in violation of EU-law already. Having a mechanism for consent in the form of DNT is much more significant in the US context than in the EU context. The fact that various EU parties are sitting at the table in this process is in itself a sign that the lack of appetite by the US to import EU concepts (unlike most other democracies on the planet) has been noticed in the EU. Moreover, please be aware that the successor to the Data Protection Directive, the Data Protection Regulation is quite likely to have an extraterritorial scope, the unprecedented lobbying efforts by the US Department of Commerce notwithstanding. Regards, Walter
Received on Wednesday, 24 October 2012 12:21:00 UTC