- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Wed, 24 Oct 2012 15:56:56 -0700
- To: <rob@blaeu.com>
- Cc: <public-tracking@w3.org>
On Oct 24, 2012, at 10:49 AM, Rob van Eijk wrote: > Tracking Protection Working Group Issue Tracker schreef op 2012-10-24 19:07: >> tracking-ISSUE-184 (Walter van Holst): 3rd party dependencies in 1st >> party content [Tracking Definitions and Compliance] >> >> http://www.w3.org/2011/tracking-protection/track/issues/184 >> >> Raised by: Walter van Holst >> On product: Tracking Definitions and Compliance >> >> As anyone that plays around with ad blockers, selective javascript >> tools, cookie killers and assorted privacy-enhancing browser >> extensions can attest there is a steady increase of content provided >> by what under the current text would be a 1st party that cannot be >> viewed unless content from a 3rd party is also accepted by the UA, be >> it cookies or javascript. >> >> This raises an interesting situation if we have DNT. For example we >> have a 1st party that is trusted by the user and also claims to comply >> to DNT and a 3rd party that is neither. Since the 1st party content is >> technically dependent on 3rd party content, the user has the choice >> between either granting consent to the 3rd party in order to have the >> 1st party function properly or not getting the content at all. >> >> To what extent is such consent informed, genuine and meaningful? > > I would like to add the question the element of free (i.e. freely given): to what extent is such consent freely given. > > (Recital 17 (2002/58/EC): Consent may be given by any appropriate method enabling a freely given, specific and informed indication of the user’s whishes.) Hi Rob and Walter, My understanding of "freely given" is that it is intended to disallow forced consent, such as when an employer demands that an employee provide the information or be fired. The pressure to comply is quite apparent and is not necessary to provide the service. In contrast, there is nothing forced about a user making voluntary requests to a service that is supported by advertising and its associated data collection practices. If the user is asked for consent for such a service and are not externally forced to provide that consent, then denying the free service if the user chooses not to consent is fine. Likewise, denying service to browsers that disable javascript or fail to show advertising is not a failure to comply with "freely given". If that were not true, then all sites in Europe based on user account services would also be illegal (e.g., Elsevier). People do not have a fundamental right to all content being free, though there are certain sites (e.g., access to essential government services) for which the "freely given" clause should apply regardless of DNT. I don't think we need to address it. If my understanding is incorrect, please let me know. ....Roy
Received on Wednesday, 24 October 2012 22:57:19 UTC