- From: David Singer <singer@apple.com>
- Date: Mon, 24 Jun 2013 08:28:17 -0700
- To: Nicholas Doty <npdoty@w3.org>
- Cc: "public-tracking@w3.org Mailing List" <public-tracking@w3.org>
On Jun 24, 2013, at 1:15 , Nicholas Doty <npdoty@w3.org> wrote: > Hi David, > > I've create ISSUE-203 to the Compliance June product; a new issue for the topic of this change. > > I've set up a wiki page for this proposal: http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Tracking_Third_Party_Compliance > > As a question on the substance of the proposal, I'm not sure about your distinction between exceptions and consent. Doesn't the editors' draft "explicitly-granted exceptions, provided in accordance with the requirements of this standard" cover the case of out-of-band consent? I think that the terminology is that exceptions are a signal sent with the transaction (DNT:0), and hence are in-band. Out-of-band consent is consent that is derived and known/signalled through some other mechanism, out of (our) band. So, my understanding is that the answer to your question is 'no'. > > Thanks, > Nick > > On Jun 20, 2013, at 3:25 PM, David Singer <singer@apple.com> wrote: > >> Problem >> >> "If a third party receives a DNT: 1 signal, then: >> >> • the third party must not collect, retain, share, or use information related to the network interaction as part of which it received the DNT: 1 signal outside of the permitted uses as defined within this standard and any explicitly-granted exceptions provided in accordance with the requirements of this standard; >> • the third party must not use information about previous network interactions in which it was a third party, outside of the permitted uses as defined within this standard and any explicitly-granted exceptions, provided in accordance with the requirements of this standard." >> >> >> 1) We imply but nowhere say, that what third parties must do under DNT:1 is to reduce 'tracking', as defined. >> 2) We don't allow out-of-band-consent. >> 3) Exceptions don't need to be mentioned, as they cause DNT:0 to be sent, not DNT:1. >> >> Proposal >> >> Insert 'tracking' twice and remove exceptions: >> >> If a third party receives a DNT: 1 signal, then, unless it has consent from the user: >> >> • the third party must not collect, retain, share, or use tracking information related to the network interaction as part of which it received the DNT: 1 signal outside of the permitted uses as defined within this standard; >> • the third party must not use tracking information about previous network interactions in which it was a third party, outside of the permitted uses as defined within this standard. >> >> >> David Singer >> Multimedia and Software Standards, Apple Inc. >> >> > David Singer Multimedia and Software Standards, Apple Inc.
Received on Monday, 24 June 2013 15:28:52 UTC