RE: DNT:1 and "data append"

Hi Chris, 

The problem I have with the data append concept, when DNT is set, is that a
unique user identifier needs to be shared between the parties, in order that
the appended data can be connected to a specific user. So personal data
(cookie identifiers, IP addresses etc. are  considered personal data in the
EU) has to be shared to make it work, perhaps with other collected data such
as the URI (passed for example in a Referer(sic) header). If one of the
parties is a data processor for the data controller, then this could be
indicated using David's service-provider mechanism and no further exemption
is needed. Have you a specific example which does not require sharing a UID
or other personal data (and no service provider contracts are in place)?

Mike 

-----Original Message-----
From: Jeffrey Chester [mailto:jeff@democraticmedia.org] 
Sent: 20 March 2013 18:57
To: Rigo Wenning
Cc: public-tracking@w3.org; Chris Pedigo; ifette@google.com; David Singer
Subject: Re: DNT:1 and "data append"

First parties now engage in data append with many, many data partners for
targeting.  It's a common practice and should not be permitted when a user
signals DNT.

Received on Wednesday, 20 March 2013 20:31:53 UTC