W3C home > Mailing lists > Public > public-tracking@w3.org > March 2013

Re: TPE Handling Out-of-Band Consent (including ISSUE-152)

From: Ronan Heffernan <ronansan@gmail.com>
Date: Tue, 19 Mar 2013 08:42:24 -0400
Message-ID: <CAHyiW9+L4_n_F-F9O6p86-D_P5S96hU7-bzQQu8XG=cfJxqoJw@mail.gmail.com>
To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
Cc: public-tracking@w3.org
Matthias,

   You said that we now have 4 cases, but you seem to have only delineated
3 cases.  I think there is the fourth case: The site uses out-of-band
consent but the user cannot see or manage that consent via a control link,
and the site promises to respect it.  Was that the fourth case that you
envisioned?

--ronan


On Tue, Mar 19, 2013 at 7:38 AM, Matthias Schunter (Intel Corporation) <
mts-std@schunter.org> wrote:

>  Hi!
>
>
> for consent, we now have 4 cases:
> 1. The site has in-band consent (=DNT;0 either as a preference or an
> exception)
> 2. The site is reasonably certain that it has out of band consent
> 3. The site uses out of band consent and a user can see (and maybe manage)
> this out of band consent via "control" link
>     and the site promises to respect it
>
> I believe this translates into two qualifiers:
>  C = I obtained consent (either in-band or out-of-band)
>  c  = I will handle your data according to the out of band consent that
> you can retrieve via "control"
>        (in this case, the control link is mandatory).
>
> If browsers care, they can differentiate the cases (1) and (2) by means of
> the fact whether they have sent a DNT;0 or not.
>
>
> Does this sound like an appropriate resolution?
>
>
> Regards,
>  matthias
>
>
Received on Tuesday, 19 March 2013 12:43:12 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:07 UTC