Re: Issue:? Fingerprinting

I believe that digital fingerprinting is implicitly addressed in the standard, though not directly called our.  Third parties that receive a DNT:1 signal may only collect data elements that are reasonably necessary for the enumerated permitted uses.  That includes data elements that could be used to fingerprint a device.  Some companies may believe that they need to use fingerprinting-type techniques for fraud and security purposes even for DNT:1 users (though they would have to justify that under the standard).  But also keep in mind that much fingerprinting, as I understand it, is heavily dependent upon IP addresses, the use of which was envisioned for permitted uses even under the EFF/Moz/Stanford proposal.

However, if DNT is set at 0 or unset, the standard does not limit the use of fingerprinting, HTML5 cookies, drone surveillance, or anything else.

If I got any of this wrong, anyone, please feel free to correct me.

On Oct 1, 2013, at 1:49 PM, Jeffrey Chester <jeff@democraticmedia.org> wrote:

> I want to clarify that included in the spec are approp. definitions that address device fingerprinting.   DNT should cover device fingerprinting and related device/cross platform identification technologies and practices.
> 
> Is it already incorporated in an existing issue or text?
> 
> Jeff
> 
> 
> 
> 
> Jeffrey Chester
> Center for Digital Democracy
> 1621 Connecticut Ave, NW, Suite 550
> Washington, DC 20009
> www.democraticmedia.org
> www.digitalads.org
> 202-986-2220
> 

Received on Tuesday, 1 October 2013 18:27:17 UTC