Moving "C"onsent from Tracking Status to Permitted Use?

Hi Team,


I discussed our approach to consent (in-band and out of band) with Rigo.

We observed that the fact that you have consent is orthogonal to the 
overall tracking status.
As a consequence, we believe that "C"onsent should be signaled as a 
qualifier (similar to a permitted use).

If we introduce this change, the scenario/flow for in-band exceptions 
would not change:
    1. - The site has an exception and has therefore received DNT;0 from 
the browser
    2. - The site responds with "1" or  "3" to indicate that they comply 
with DNT

However, the flow for out-of-band exception would get clearer:

OLD:
    1. - The site receives DNT;1
    2. - The site (somehow) reliably determines _in real time_ that it 
has out of band consent
    3. - The site responds with "C" thus indicating that it has out of 
band consent
          and provides a control link.

NEW:
    1. - The site receives DNT;1
    2. - The site (somehow) reliably determines _in real time_ that it 
has out of band consent
    3. - The site responds with "3C" thus indicating that
             - It acts as a 3rd party
             - It will use the data in ways that are beyond the usages 
permitted by DNT;1 since
               it has obtained out of band consent. A  control link is 
still required.

I think that modeling out of band consent as a permitted us is cleaner 
than the current approach
that models it as a special tracking status.

Note: This discussion is orthogonal to the discussion what to do if the 
site cannot determine the consent in real time.


Opinions/Feedback?


Regards,
matthias

Received on Thursday, 28 March 2013 11:48:09 UTC