- From: Mike O'Neill <michael.oneill@baycloud.com>
- Date: Mon, 19 Dec 2016 11:08:43 -0000
- To: <public-tracking@w3.org>, "'Jeff Jaffe'" <jeff@w3.org>, "'Walter van Holst'" <walter@vanholst.com>, "'Aleecia M. McDonald'" <aleecia@aleecia.com>
Any useful Compliance spec could help clarify by laying down the specific
things that web applications should do and not do, while not contradicting
existing law.
The "compliance" property makes this configurable so that job could be left
to others, i.e. it does not need to be W3C responsibility, but it is hard to
see any other body taking it on.
Maybe we can pick this up again after the TPE is put to bed.
-----Original Message-----
From: Walter van Holst [mailto:walter@vanholst.com]
Sent: 16 December 2016 15:56
To: public-tracking@w3.org
Subject: Re: ePrivacy & DNT
On 2016-12-16 13:45, Jeff Jaffe wrote:
> Mike,
>
> Thanks for the pointer.
>
> I didn't see where this pointed to any W3C Standard for Do Not Track,
> or any compliance regime. Is it correct that any utilization of any
> (non-standard) browser setting and any compliance definition would
> satisfy these regs?
No, I would not say so. The leaked e-Privacy Regulation refers in
article 8(2) sub b to article 21 of the GDPR ("When such data is used
for direct marketing or profiling, the end-user shall have the right to
object as provided for in Article 21 of the GDPR;")
Article 21(5) GDPR says:
" In the context of the use of information society services, and
notwithstanding Directive 2002/58/EC, the data subject may exercise his
or her right to object by automated means using technical
specifications."
That part was put in for the purpose to allow DNT-like mechanisms to be
established. I'm grateful it doesn't say "standard" because in European
legislative lingo that would mean a standard set by a traditional
standardisation body such as ISO.
This was included via an amendment proposed by Jean-Philipp Albrecht, of
whom you have seen an e-mail earlier.
Regards,
Walter
Received on Monday, 19 December 2016 11:09:49 UTC