-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here is my text for Issue-170.
I have (hopefully friendly) amended John Simpsons Proposal by referencing our definition of Tracking and taking out the restriction in later data use as 3rd Party, as this is covered by Walter’s Proposal for Issue-219 (which I support). I have also incorporated the gist of Rigo’s Proposal about the use of DNT:0 as an e-privacy consent mechanism, and the bit in Vinay’s proposal about service providers.
Proposal:
If a 1st Party receives a request with DNT:1 set then data regarding or identifying the user initiating the request MUST NOT be shared between Parties outside the context of the request, other than between the 1st Party and its service providers or for permitted uses as defined within this recommendation. A 1st Party MAY elect further restrictions on the collection or use of such data.
If, as a result of an explicitly-granted exception, a 1st Party receives a request with DNT:0 set then data regarding the user MAY be used or shared but only for the purposes that were clearly and comprehensively explained when the exception was granted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
Charset: utf-8
iQEcBAEBAgAGBQJTiINJAAoJEHMxUy4uXm2Jtt0H+gIwe89nW5akvK8M/WAU0hPx
Mhg07ZnsPgjyaLJO/gXrjO+V42K9sv2E3cteLz8aGqCNkxT2x+XXt9oXF+zA17gl
WCfIfrGQ6SE1Z6TJrAItgDYPhp19cnARRn1skQqd3xaZ/GPn3W7ayaMWc8wxm805
tth/kRaiCf+i73zrE8LuE63Y83M1MHqgAzolsAS0eeMVHKJH3FOYYd4StHQKqJeG
0k3HkagAkml9JAKDejz5opVJSbOAX07VWOWqSWSwUvHf5jGo5V9vMs6c/AgLaMru
AIY8Vq0oWatAzVZkGUFxAjXo4OTu0P3vxo9tIlFM1PJmOHihh1fmEeYG2hc/E+o=
=qa25
-----END PGP SIGNATURE-----