Re: Proposed Text for Local Law and Public Purpose from Rigo Wenning on 2012-10-25 (public-tracking@w3.org from October 2012)

From: Rigo Wenning <rigo@w3.org>
Date: Thu, 25 Oct 2012 18:54:14 +0200
To: public-tracking@w3.org
Cc: David Wainberg <david@networkadvertising.org>, Kimon Zorbas <vp@iabeurope.eu>, Walter van Holst <walter.van.holst@xs4all.nl>
Message-ID: <5477195.ivjjokLx06@hegel.sophia.w3.org>
David, 

I think Walter is an invited expert and offered his opinion on why 
he thinks we should also take the EU system into account. I think 
Walter gave a pretty accurate view on current EU feelings as I also 
saw them in the hearing of the EU parliament on the new regulation. 
There is much emphasis that privacy is a human right and that it 
should not under all circumstances be trumped by commercial 
considerations. I think you should read his statement like a report 
rather than an opinion.  

And his EU comments are important for me as I think that global 
considerations are important. I think we are much closer to 
usefulness of DNT in Europe than many believe. And this is a big 
thing if you consider the current UK solution that is not as nice. 
So killing the European solution for an alleged impossibility to 
comply with MRC raises heat that we should take out again. 

Note further that IMHO he is not threatening in any way. I was at 
the OECD this week and last week. There are discussions about 
transborder data flow and how to achieve that. Many OECD countries 
have appropriate protections in place and now urge to create a level 
playing field to avoid a race to the bottom. And there are serious 
voices questioning the transborder data flow to countries not having 
the right protection level. Again, this is rather a report. I do not 
have the intention to say: "see you should do this or that". And I 
see DNT as an opportunity. Because it can't be mandated by W3C 
anyway it can only be an opportunity and never a threat. The threat 
is elsewhere. 

Apart from that I concur to Kimon. Measures are done anonymously and 
this is part of the innovation challenge. Then outreach is out of 
the way. This is why I talked about "transition". In the sixties we 
had nice cars, but consumption was 7mpg. Now we still have nice cars 
and consumption is 60mpg and they are even faster. Better outreach 
measures with less personal data. We can talk about how far we get 
with Version 1 if there is a will to innovate. But just saying: "DNT 
will not change my business" would misunderstand the commitments and 
the unease in the market and between the regulators.

Rigo

On Wednesday 24 October 2012 18:14:22 David Wainberg wrote:
> Rob, Rigo, Ninja, what are your thoughts?
> 
> On 10/24/12 6:12 PM, David Wainberg wrote:
> > Hi Kimon,
> > 
> > I would not suggest that MRC is or should be relevant in Europe.
> > My questions to other Europeans in the group is whether they
> > share Walter's position, quoted below, regarding U.S. law and
> > the goals for the DNT standard.
> > 
> > -David
> > 
> > On 10/24/12 11:32 AM, Kimon Zorbas wrote:
> >> David,
> >> 
> >> I am struggling to understand why MRC should be relevant in
> >> Europe? (I am a bit lost in this debate – it seems to me that
> >> MRC certifies products to conduct measurement - in the US). If
> >> companies operate in Europe, they need to comply with our
> >> strict laws.
> >> 
> >> Audience measurement in Europe is to my knowledge conducted via
> >> anonymous data. Safe Harbor wouldn't apply to such data. If
> >> audience data is transferred to outside the EEA (and adequate
> >> countries), then there is no issue (with anonymous data sets).
> >> If personal data is collected, then you could benefit of the
> >> Safe Harbor regime as a US based company. Not sure that has
> >> anything to do with MRC (being only a certification body, if I
> >> understand correctly).
> >> 
> >> Kind regards,
> >> Kimon
> >> 
> >> From: David Wainberg <david@networkadvertising.org
> >> <mailto:david@networkadvertising.org>>
> >> Date: Wednesday 24 October 2012 17:15
> >> To: Walter van Holst <walter.van.holst@xs4all.nl
> >> <mailto:walter.van.holst@xs4all.nl>>, "public-tracking@w3.org
> >> <mailto:public-tracking@w3.org>" <public-tracking@w3.org
> >> <mailto:public-tracking@w3.org>>
> >> Subject: Re: Proposed Text for Local Law and Public Purpose
> >> Resent-From: <public-tracking@w3.org
> >> <mailto:public-tracking@w3.org>> Resent-Date: Wednesday 24
> >> October 2012 17:15
> >> 
> >> Is this the view of other Europeans participating in this
> >> working group?>> 
> >> On 10/24/12 10:39 AM, Walter van Holst wrote:
> >>             Actually, from a EU perspective this standard as a
> >>             whole
> >>             is unnecessary
> >>             because most business practices, at least the one
> >>             that
> >>             are publicly
> >>             known, in this field are in violation of EU-law
> >>             already.
> >>         
> >>         So why do we keep talking about it in terms of EU law?
> >>         Why do we
> >>         continue to have proposals aimed at suiting EU
> >>         requirements?
> >>     
> >>     Well, I am going to be offensive again and maybe even
> >>     patronising, but
> >>     the US legal context for privacy discussions is not quite
> >>     up to
> >>     par with
> >>     the rest of the industrialised world. For all its defects,
> >>     the
> >>     European
> >>     legal framework embodies a coherent framework of concepts
> >>     on this
> >>     subject matter. Which sadly the USA does not have. So,
> >>     apart from
> >>     my own
> >>     geographical bias by virtue of being Dutch, other than in
> >>     terms of consent it is difficult to discuss this in
> >>     outside the terms of EU law.
> >>     Not to mention that similar frameworks have been adopted by
> >>     Canada, Australia, South-Africa, Japan, Korea and Brazil
> >>     as well as that India
> >>     is in the process of moving in a similar direction.
> >>     
> >>        I will be
> >>        
> >>         happy if we can once and for all determine that this
> >>         
> >>             Having a
> >>             mechanism for consent in the form of DNT is much
> >>             more
> >>             significant in the
> >>             US context than in the EU context. The fact that
> >>             various
> >>             EU parties are
> >>             sitting at the table in this process is in itself a
> >>             sign
> >>             that the lack
> >>             of appetite by the US to import EU concepts (unlike
> >>             most
> >>             other
> >>             democracies on the planet) has been noticed in the
> >>             EU.
> >>         
> >>         Are you saying that EU participation in this forum is
> >>         precisely for the
> >>         purpose of trying to impose EU concepts on US
> >>         companies?
> >>     
> >>     No, it is an acknowledgement that EU law is not applicable
> >>     in the USA and that merely leaning back basking in an
> >>     ill-conceived dream of EU-superiority in this regard is
> >>     not going to be helpful at all if large
> >>     parts of the relevant industries are (for now) out of scope
> >>     of EU
> >>     law.
> >>     Therefore it is still useful to participate in a
> >>     self-regulatory
> >>     approach, despite it being unnecessary in the EU-context.
> >>     
> >>         But to my previous question, if the EU can impose these
> >>         concepts
> >>         extra-territorially through regulation then why try to
> >>         do it
> >>         through
> >>         this DNT process?
> >>     
> >>     Well, why get to what you want by asking nicely if you can
> >>     do it by holding a gun to someone's head? The former is
> >>     rather more constructive,
> >>     one would think.
> >>     
> >>     Regards,
> >>     
> >>        Walter
Received on Thursday, 25 October 2012 16:54:39 UTC