- From: Mike O'Neill <michael.oneill@baycloud.com>
- Date: Wed, 4 Jun 2014 10:49:26 +0100
- To: "'John Simpson'" <john@consumerwatchdog.org>, "'Ninja Marnau'" <ninja@w3.org>
- Cc: <public-tracking@w3.org>
Thanks John, my amendment indeed assumes that there should be no "data append", and that we agree to Walter's proposal for issue-219. A party should not combine data received as a third-party in one context with data it collected when it was a first-party in another context, and vice versa. mike > -----Original Message----- > From: John Simpson [mailto:john@consumerwatchdog.org] > Sent: 03 June 2014 19:40 > To: Ninja Marnau > Cc: public-tracking@w3.org; Mike O'Neill > Subject: Re: Issue-170 > > Hi Ninja, > > As I understand Mike's amendment it would preclude the practice known "data > append", i.e., combing data from outside the context of the request with data > obtained by the first party in the context of the request. If I'm understanding the > proposal correctly, I'm comfortable with Mike's amendment. > > Regards, > John > > > > On Jun 3, 2014, at 8:41 AM, Ninja Marnau <ninja@w3.org> wrote: > > > Hi John, > > > > Mike amended your proposal on first party restrictions. > > Could you take a look at the wiki whether Mike's text proposal does reflect > what you had in mind? > > > https://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_First_Party_Compli > ance#Proposals_regarding_Data_Append > > > > Thanks, > > Ninja > > > > Am 30.05.14 15:10, schrieb Mike O'Neill: > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> Here is my text for Issue-170. > >> > >> I have (hopefully friendly) amended John Simpsons Proposal by referencing > our definition of Tracking and taking out the restriction in later data use as 3rd > Party, as this is covered by Walter’s Proposal for Issue-219 (which I support). I > have also incorporated the gist of Rigo’s Proposal about the use of DNT:0 as an > e-privacy consent mechanism, and the bit in Vinay’s proposal about service > providers. > >> > >> Proposal: > >> > >> If a 1st Party receives a request with DNT:1 set then data regarding or > identifying the user initiating the request MUST NOT be shared between Parties > outside the context of the request, other than between the 1st Party and its > service providers or for permitted uses as defined within this recommendation. A > 1st Party MAY elect further restrictions on the collection or use of such data. > >> > >> If, as a result of an explicitly-granted exception, a 1st Party receives a request > with DNT:0 set then data regarding the user MAY be used or shared but only for > the purposes that were clearly and comprehensively explained when the > exception was granted. > >> > >> > >> -----BEGIN PGP SIGNATURE----- > >> Version: GnuPG v1.4.13 (MingW32) > >> Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/ > >> Charset: utf-8 > >> > >> > iQEcBAEBAgAGBQJTiINJAAoJEHMxUy4uXm2Jtt0H+gIwe89nW5akvK8M/WAU0h > Px > >> Mhg07ZnsPgjyaLJO/gXrjO+V42K9sv2E3cteLz8aGqCNkxT2x+XXt9oXF+zA17gl > >> > WCfIfrGQ6SE1Z6TJrAItgDYPhp19cnARRn1skQqd3xaZ/GPn3W7ayaMWc8wxm80 > 5 > >> > tth/kRaiCf+i73zrE8LuE63Y83M1MHqgAzolsAS0eeMVHKJH3FOYYd4StHQKqJeG > >> > 0k3HkagAkml9JAKDejz5opVJSbOAX07VWOWqSWSwUvHf5jGo5V9vMs6c/AgLaM > ru > >> > AIY8Vq0oWatAzVZkGUFxAjXo4OTu0P3vxo9tIlFM1PJmOHihh1fmEeYG2hc/E+o= > >> =qa25 > >> -----END PGP SIGNATURE----- > > >
Received on Wednesday, 4 June 2014 09:50:13 UTC