- From: John Simpson <john@consumerwatchdog.org>
- Date: Tue, 16 Jul 2013 16:21:19 -0700
- To: Nicholas Doty <npdoty@w3.org>
- Cc: "Roy T. Fielding" <fielding@gbiv.com>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Answers below, Best, John On Jul 16, 2013, at 3:52 PM, Nicholas Doty <npdoty@w3.org> wrote: > Hi John and Roy, > > I just wanted to clarify some distinctions for your change proposal on security/fraud permitted use: > > One key difference is certainly adding the definition of graduated response and stating that it is preferred. There are a couple of other distinctions from the Editors' Draft text, and I wasn't sure how essential they are to the proposal. (If we can consolidate proposals, that will make the groups' decision-making easier.) Adding graduated response language is essential from my view. > > 1. To the extent reasonably necessary vs. to the extent proportionate and reasonably necessary: > I believe the "proportionate" language came out of some concerns from our EU colleagues. Would you agree with including proportionate as well? In that case, I think the graduated-response-is-preferred language would explain the concept nicely. I have no problem with proportionate. > > 2. "malicious, deceptive, fraudulent, or illegal activity" vs. "security risks and fraudulent or malicious activity" > Is deceptive necessary here? Would deceptive include use of anonymizing proxies, onion routing, or other network-related privacy measures? Or is it just aimed at malicious deception (like fraudulent automated impressions, say)? I would mean it NOT to include anonymizing proxies, etc. Just malicious deception. I think I'm comfortable with "security risks and fraudulent or malicious activity." > > Thanks, > Nick > > Re: http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Security#WD-style_text_.2B_Graduated_Response
Received on Tuesday, 16 July 2013 23:21:47 UTC