- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Thu, 28 Mar 2013 12:47:45 +0100
- To: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Hi Team,
I discussed our approach to consent (in-band and out of band) with Rigo.
We observed that the fact that you have consent is orthogonal to the
overall tracking status.
As a consequence, we believe that "C"onsent should be signaled as a
qualifier (similar to a permitted use).
If we introduce this change, the scenario/flow for in-band exceptions
would not change:
1. - The site has an exception and has therefore received DNT;0 from
the browser
2. - The site responds with "1" or "3" to indicate that they comply
with DNT
However, the flow for out-of-band exception would get clearer:
OLD:
1. - The site receives DNT;1
2. - The site (somehow) reliably determines _in real time_ that it
has out of band consent
3. - The site responds with "C" thus indicating that it has out of
band consent
and provides a control link.
NEW:
1. - The site receives DNT;1
2. - The site (somehow) reliably determines _in real time_ that it
has out of band consent
3. - The site responds with "3C" thus indicating that
- It acts as a 3rd party
- It will use the data in ways that are beyond the usages
permitted by DNT;1 since
it has obtained out of band consent. A control link is
still required.
I think that modeling out of band consent as a permitted us is cleaner
than the current approach
that models it as a special tracking status.
Note: This discussion is orthogonal to the discussion what to do if the
site cannot determine the consent in real time.
Opinions/Feedback?
Regards,
matthias
Received on Thursday, 28 March 2013 11:48:09 UTC