ISSUE-189: Explicit informed consent mechanism needed

EUConsent

Explicit informed consent mechanism needed

State:
RAISED
Product:
Global Considerations
Raised by:
Mike O'Neill
Opened on:
2012-11-22
Description:
There is a fundamental inconsistency between the current understanding of the DNT signal and a consent signal that would meet the European legal requirement for explicit informed consent (EIC). EIC must have been given before action is taken to identify users so if DNT is unset European servers would either need another mechanism or assume consent was absent, which does not correspond to the current TPC. It is also unlikely that the interpretation of DNT by receiving servers as specified in the TPC will be the same as the interpretation required for receiving Data Controllers & Processors for presence or absence of an EIC signal.
The Working Group is the natural place to design an EIC mechanism as all the expertise and focus on the issue is already here.
It would be very useful to have a technical mechanism for signalling EIC. The advantage the DNT mechanism had in this context was that the header is also sent to third-parties (in the HTTP sense), and the UGE API gives first-party sites the ability to control it for third-parties. It should also be possible to also do this for an EIC signal.
The GC group should define what an EIC should mean (e.g. “action can be taken to identify this user for legal purposes”) and suggest a technical way it could be set and signalled. We should then ask the Working Group to ensure that normative text to describe the mechanism is put into the TPE alongside the DNT UGE mechanism.

Mike
Related Actions Items:
Related emails:
  1. Re: Batch closing of old issues (from fielding@gbiv.com on 2015-03-25)
  2. Batch closing of old issues (from jbrookman@cdt.org on 2015-03-24)
  3. RE: Reminder: Deadline for raising issues is October 02 (this Wednesday) issue-205, issue-189 (from michael.oneill@baycloud.com on 2013-10-01)
  4. RE: issue-189 (from michael.oneill@baycloud.com on 2013-05-16)
  5. Re: issue-189 (from fielding@gbiv.com on 2013-05-15)
  6. issue-189 (from michael.oneill@baycloud.com on 2013-05-15)
  7. Re: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from walter.van.holst@xs4all.nl on 2013-01-13)
  8. Re: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from peter.cranstone@3pmobile.com on 2013-01-13)
  9. RE: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from michael.oneill@baycloud.com on 2013-01-13)
  10. Re: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from peter.cranstone@3pmobile.com on 2013-01-13)
  11. Re: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from vp@iabeurope.eu on 2013-01-12)
  12. RE: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from wileys@yahoo-inc.com on 2013-01-12)
  13. RE: Doodle poll for meeting, please respond ASAP & DNT:0 action-346 issue-189 (from michael.oneill@baycloud.com on 2013-01-12)
  14. action-346 issue-189 A new API linking EU consent and DNT. (from michael.oneill@baycloud.com on 2012-12-29)
  15. tracking-ISSUE-189 (EUConsent): Explicit informed consent mechanism needed [Global Considerations] (from sysbot+tracker@w3.org on 2012-11-22)

Related notes:

No additional notes.

Display change log ATOM feed


Matthias Schunter <matthias.schunter@intel.com>, Chair, Bert Bos <bert@w3.org>, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.325 2014-09-10 21:42:02 ted Exp $