- From: Nick Doty <npdoty@w3.org>
- Date: Fri, 6 Nov 2015 00:46:20 -0800
- To: "public-tracking@w3.org" <public-tracking@w3.org>
- Message-Id: <6600FEF1-AEA6-4B13-928C-A1D63584BBE9@w3.org>
The Compliance document already has a section explaining requirements for consent (which might be registered in-band or out-of-band). See Section 4: > A party MAY engage in practices otherwise proscribed by this specification when the user has given explicit and informed consent. That already provides the conditions of explicit and informed for consent. As noted in Section 3.1, consent may be limited based on statements to the user in obtaining consent. Those statements might include particular purposes, but they might include any other number of restrictions, which we don't need to enumerate in the specification. Proposal: no change. —npd > On Nov 5, 2015, at 10:35 PM, Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org> wrote: > > tracking-ISSUE-271: out of band consent and specified purpose [TCS Last Call] > > http://www.w3.org/2011/tracking-protection/track/issues/271 > > Raised by: Rob van Eijk > On product: TCS Last Call > > https://lists.w3.org/Archives/Public/public-tracking-comments/2015Oct/att-0003/20151001_Ares_2015_4048580_W3C_compliance.pdf > > The Working Party suggests including the following normative language: ‘Out of band consent MUST be obtained in an unambiguous manner and specific to the intended purpose. Data collected with out of band consent MUST only be used for that specified purpose.’
Received on Friday, 6 November 2015 08:46:22 UTC