Add the following text to 4. First Party Compliance:
When DNT:1 is received:
-- A 1st Party MUST NOT combine or otherwise use identifiable data
received from another party with data it has collected while a 1st Party.
-- A 1st Party MUST NOT share identifiable data with another party unless
the data was provided voluntarily by the user and is necessary to complete
a business transaction with the user.
-- A Party MUST NOT use data gathered while a 1st Party when operating as
a 3rd Party.
If I correctly understand the proposal made by David Singer about Third Party compliance an appropriate variation could be:
When DNT:1 is received:
-- A 1st Party MUST NOT combine or otherwise use tracking data
received from another party with tracking data it has collected while a 1st Party.
-- A 1st Party MUST NOT share identifiable data with another party unless
the data was provided voluntarily by the user and is necessary to complete
a business transaction with the user.
-- A Party MUST NOT use tracking data gathered while a 1st Party when operating as
a 3rd Party.
Regards,
John
---------
John M. Simpson
Privacy Project Director
Consumer Watchdog
2701 Ocean Park Blvd., Suite 112
Santa Monica, CA, 90405
Tel: 310-392-7041
Cell: 310-292-1902
www.ConsumerWatchdog.org
john@consumerwatchdog.org