Re: Issues for Monday Call

I would recommend this conversation be reserved for a v2 discussion.  This isn't required for legal compliance under GDPR or the draft ePR.  We can learn from real world implementations how beneficial (or not) these concepts could assist controllers in meeting their legal obligations.
- Shane

Sent from mobile phone so please excuse brevity and typos.  
 
  On Mon, Apr 3, 2017 at 11:42 AM, Walter van Holst<walter@vanholst.com> wrote:   On 2017-04-01 17:09, Matthias Schunter (Intel Corporation) wrote:

> What we need to clarify further is:
> - Why is the data required to be machine readable?

It allows for a much better user experience through extensions that can 
apply rules/webs-of-trust etc.

> - What actions will the browser take once it has read and parsed this 
> data?
> - What bad things would happen if the data continues to be available in
> human-readable form only?

We're missing an opportunity.

> - Why couldnt the fields be defined in a "EU compliance" note (since
> they seem to be specific to the EU)?
> 
> If the browser will only store this data, then a consent-metadata blob
> (JSON or so) would be sufficient. Further notes and best practices can
> then structure this object further.

Sounds like a worthwhile avenue to explore.

> Just my 2cents. Let us discuss this further on monday.

With regrets, I am down with a bit of a cold, so can't join. Which is 
really a pity given the importance of this issue.

  

Received on Monday, 3 April 2017 16:37:59 UTC