W3C home > Mailing lists > Public > public-tracking@w3.org > March 2013

Re: TPE Handling Out-of-Band Consent (including ISSUE-152)

From: Ronan Heffernan <ronansan@gmail.com>
Date: Sun, 24 Mar 2013 18:53:55 -0400
Message-ID: <CAHyiW9K7k_TfnV-YykjZK==xELnbTpnCuSsgew1h77ExoWkWKg@mail.gmail.com>
To: "Mike O'Neill" <michael.oneill@baycloud.com>
Cc: public-tracking@w3.org, rob@blaeu.com, "Roy T. Fielding" <fielding@gbiv.com>, Justin Brookman <justin@cdt.org>
Mike,

I'm sorry if I wasn't clear.  I was proposing that whatever level of
de-identification, unlinkability, "munging", etc., that would apply to any
other DNT:1 data would apply to this data (for those users for whom an
out-of-band consent cannot be found) after the OOBC determination is made
or as soon as the window (48-hours?) for making that determination expires,
whichever comes first.  I do not intend for any other permitted retention
or permitted use, from other provisions in the spec to be made any more or
any less stringent by the non-real-time OOBC-detection mechanism.

--ronan



On Sat, Mar 23, 2013 at 11:42 AM, Mike O'Neill
<michael.oneill@baycloud.com>wrote:

> Hi Ronan,****
>
> ** **
>
> If you said that the collected data would be de-identified and also made
> unlinkable i.e. the identifiers were transparently deleted immediately
> after collection (or maybe after a short time to filter out multiple visits
> and detect unique visitors), then that would work in my opinion (if you
> cannot get explicit consent). But the unlinkability is important because
> that goes to the essence of Do Not Track.****
>
> ** **
>
> Mike****
>
>
>
Received on Sunday, 24 March 2013 22:54:43 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:07 UTC