I believe that digital fingerprinting is implicitly addressed in the standard, though not directly called our. Third parties that receive a DNT:1 signal may only collect data elements that are reasonably necessary for the enumerated permitted uses. That includes data elements that could be used to fingerprint a device. Some companies may believe that they need to use fingerprinting-type techniques for fraud and security purposes even for DNT:1 users (though they would have to justify that under the standard). But also keep in mind that much fingerprinting, as I understand it, is heavily dependent upon IP addresses, the use of which was envisioned for permitted uses even under the EFF/Moz/Stanford proposal. However, if DNT is set at 0 or unset, the standard does not limit the use of fingerprinting, HTML5 cookies, drone surveillance, or anything else. If I got any of this wrong, anyone, please feel free to correct me. On Oct 1, 2013, at 1:49 PM, Jeffrey Chester <jeff@democraticmedia.org> wrote: > I want to clarify that included in the spec are approp. definitions that address device fingerprinting. DNT should cover device fingerprinting and related device/cross platform identification technologies and practices. > > Is it already incorporated in an existing issue or text? > > Jeff > > > > > Jeffrey Chester > Center for Digital Democracy > 1621 Connecticut Ave, NW, Suite 550 > Washington, DC 20009 > www.democraticmedia.org > www.digitalads.org > 202-986-2220 >
Received on Tuesday, 1 October 2013 18:27:17 UTC