- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Wed, 5 Sep 2012 11:21:27 -0700
- To: Rigo Wenning <rigo@w3.org>
- Cc: W3 Tracking <public-tracking@w3.org>
On Sep 5, 2012, at 9:04 AM, Rigo Wenning wrote: > whether you exclude access logs from the initial definitions or > whether you cover them by permitted uses is just a matter of taste. No, it is a matter of laws and regulations. If a company says that it complies with the "Do Not Track" signal and the user has reason to believe (without reading *any* specification) that it means no access log will be retained past the current transaction, then the company can be held liable even if the specification says retention of the access log is permitted. Fine text cannot overrule common perception when there is no expectation that a user will read the fine text (it isn't even presented to them as part of the standard, and certainly doesn't reflect current UI for the DNT configuration). The purpose of a single, one or two sentence definition of what DNT:1 means (and also what DNT:0 means) is so that it can be included in the UI, either directly or via tooltip/documentation, and thus become part of the nomenclature that can be reasonably understood by the user setting that config. Furthermore, it allows us to make progress on the rest of the specification with a common understanding of what the specification is intended to accomplish, as opposed to what we just experienced on the call. > So please do not use the definition for the access log argument. The > real question on access logs is the time of non-anonymized > retention. W3C anonymizes logs as a matter of policy after 6 weeks. > This also helps with exuberant subpoenae. We can (and should IMHO) > discuss this explicitly instead of complicating the definition. No, we can use fine print to further *restrict* the scope of retention, because the user is not going to complain about further constraints on what they have already permitted. We cannot use fine print to broaden the scope to allow things that do not appear to be allowed by the definition. ....Roy
Received on Wednesday, 5 September 2012 18:21:48 UTC