I believe this treads on ISSUE-5 and is now out of scope. Namely, this reintroduces the notion that data collected within a single context (as would be understood by a user and described as such during our debate on the tracking definition) is subject to being tracking just because some time has passed. ....Roy On Jan 22, 2014, at 10:43 AM, Mike O'Neill wrote: > This was next I discussed with Rob but we agreed to leave it out for sake of clarity about a context being single responsible data controller with multiple domains declared in same-party. I agree with Matthias that the time-limited aspect will be important to users so we could have a (brief) discussion about it next week. > > Mike > > > For the purpose of this definition, a context is a time limited network interaction with resources controlled by a small set of user discernable data controllers, sharing the same privacy policy, and a common branding. > > To ensure transparency the responsible data controllers, other than the data controller of the host server identified in the user-agent's location-bar, MUST be listed in the same-party member of the Tracking Resource. > > Non-normative: > > Within any particular network interaction a user can expect that session states and other data necessary to support the activity will be preserved or shared between the identifiable data controllers and their contracted service providers, but that , without explicit consent being given, no personally identifiable record will be retained beyond a short period after the last user initiated network transaction.
Received on Wednesday, 22 January 2014 20:12:51 UTC