Re: What additional optional information is ESSENTIAL in Europe to document a informed that has been given?

Matthias,
I'm not here next week (regrets) but I'd like to ask that we maintain a "loosely-structured" approach for the TSO as we had originally agreed.  There is no need for the user agent to interrogate the contents of the TSO outside of mandatory elements as the information is there for the user to consume (human readable vs. machine readable).  I believe we have the correct mandatory fields at this point from an accountability perspective - all others can be added optionally as desired by implementers (on their individual views of what is legally necessary).  Adding additional structure (P3P complexity) to our current approach is not required by GDPR so let's not attempt to do that at this late stage.  
- Shane Shane Wiley
VP, Privacy
Yahoo

      From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
 To: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org> 
 Sent: Monday, March 27, 2017 10:08 AM
 Subject: What additional optional information is ESSENTIAL in Europe to document a informed that has been given?
   
Hi Folks,

today, we discussed what additional information may be required (in the
TSR or elsewhere)
to provide context for a user-granted exception that has been registered.

Fields we have already:
- Compliance URL: A pointer to a compliance regime
- Same Party
- Controller

My questions is:
- What additional fields would be required?
- Why are they essential and cannot be defined elsewhere (e.g. in a EU
specific compliance document or a subsection of the compliance-page)?
- Why does the browser need to parse this information? What does the
browser need to do with it? (if it just stores it, it could be part of a
larger JSON object that is left undefined).

Next week we can then discuss whether any raises above our threshold of
"Essential for EU".


Regards,
matthias