ISSUE-200 |
OPEN |
Transitive exceptions |
2013-06-04 |
Compliance Next |
0 |
ISSUE-3 |
CLOSED |
What is the granularity of the choice we expect users to make? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-6 |
CLOSED |
What are the underlying concerns? Why are we doing this / what are people afraid of? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-7 |
CLOSED |
What types of tracking exist, and what are the use cases for these types of tracking? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-8 |
CLOSED |
How do we enhance transparency and consumer awareness? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-9 |
CLOSED |
Understand all the different first- and third-party cases. |
2011-09-21 |
Compliance Next |
0 |
ISSUE-11 |
CLOSED |
Document a longer list of use cases -- what's going on today |
2011-09-21 |
Compliance Next |
0 |
ISSUE-12 |
CLOSED |
How does tracking require relation to unique identities, pseudonyms, etc.? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-15 |
CLOSED |
What special treatment should there be for children's data? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-17 |
CLOSED |
Data use by 1st Party |
2011-09-21 |
Compliance Next |
0 |
ISSUE-18 |
CLOSED |
Collection definition (not sure I said the prefix before?) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-19 |
CLOSED |
Data collection / Data use (3rd party) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-20 |
CLOSED |
Different types of data, what counts as PII, and what definition of PII |
2011-09-21 |
Compliance Next |
0 |
ISSUE-23 |
CLOSED |
Possible exemption for analytics |
2011-09-21 |
Compliance Next |
0 |
ISSUE-26 |
CLOSED |
Providing data to 3rd-party widgets -- does that imply consent? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-28 |
CLOSED |
Exception for mandatory legal process |
2011-09-21 |
Compliance Next |
0 |
ISSUE-29 |
CLOSED |
Tracking that may be required by law enforcement |
2011-09-21 |
Compliance Next |
0 |
ISSUE-30 |
CLOSED |
Will Do Not Track apply to offline aggregating or selling of data? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-33 |
CLOSED |
Complexity of user choice (are exemptions exposed to users?) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-34 |
CLOSED |
Possible exemption for aggregate analytics |
2011-09-21 |
Compliance Next |
0 |
ISSUE-35 |
CLOSED |
How will DNT interact with existing opt-out programs (industry self-reg, other)? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-36 |
CLOSED |
Should DNT opt-outs distinguish between behavioral targeting and other personalization? |
2011-09-21 |
Compliance Next |
0 |
ISSUE-37 |
CLOSED |
Granularity based on business types and uses |
2011-09-21 |
Compliance Next |
0 |
ISSUE-38 |
CLOSED |
Granularity for different people who share a device or browser |
2011-09-21 |
Compliance Next |
0 |
ISSUE-39 |
CLOSED |
Tracking of geographic data (however it's determined, or used) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-41 |
CLOSED |
Consistent way to discuss tracking with users (terminology matters!) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-45 |
CLOSED |
Companies making public commitments with a "regulatory hook" for US legal purposes |
2011-09-21 |
Compliance Next |
0 |
ISSUE-52 |
CLOSED |
What if conflict between opt-out cookie and DNT? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-53 |
CLOSED |
How should opt-out cookie and DNT signal interact? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-54 |
CLOSED |
can first parties use declared data while in a 3rd party context? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-55 |
CLOSED |
What is relationship between behavioral advertising and tracking, subset, different items? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-56 |
CLOSED |
What if DNT is unspecified and an opt-out cookie is present? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-57 |
CLOSED |
What if an opt-out cookie exists but an "opt back in" out-of-band is present? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-58 |
CLOSED |
What if DNT is explicitly set to 0 and an opt-out cookie is present? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-60 |
CLOSED |
Will a recipient know if it itself is a 1st or 3rd party? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-64 |
CLOSED |
How do we describe non-identifiable data |
2011-09-22 |
Compliance Next |
0 |
ISSUE-65 |
CLOSED |
How does logged in and logged out state work |
2011-09-22 |
Compliance Next |
0 |
ISSUE-66 |
CLOSED |
Can user be allowed to consent to both third party and first party to override general DNT? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-69 |
CLOSED |
Should the spec say anything about minimal notice? (ie. don't bury in a privacy policy) |
2011-09-22 |
Compliance Next |
0 |
ISSUE-71 |
CLOSED |
Does DNT require purging or modifying data collected in the past (not under DNT)? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-72 |
CLOSED |
Basic principle: independent use as an agent of a first party |
2011-09-22 |
Compliance Next |
0 |
ISSUE-73 |
CLOSED |
In order for analytics or other contracting to count as first-party: by contract, by technical silo, both silo and contract |
2011-09-22 |
Compliance Next |
0 |
ISSUE-74 |
CLOSED |
Are surveys out of scope? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-75 |
CLOSED |
How do companies claim exemptions and is that technical or not? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-88 |
CLOSED |
different rules for impression of and interaction with 3rd-party ads/content |
2011-09-23 |
Compliance Next |
0 |
ISSUE-89 |
CLOSED |
Does DNT mean at a high level: (a) no customization, users are seen for the first time, every time. (b) DNT is about data moving between sites. |
2011-10-05 |
Compliance Next |
0 |
ISSUE-91 |
CLOSED |
Might want prohibitions on first parties re-selling data to get around the intent of DNT |
2011-10-12 |
Compliance Next |
0 |
ISSUE-92 |
CLOSED |
If data collection (even very specific with IP address, user agent, referrer) is time-limited, with very limited retention, is that still tracking? |
2011-10-19 |
Compliance Next |
0 |
ISSUE-93 |
CLOSED |
Should 1st parties be able to degrade a user experience or charge money for content based on DNT? |
2011-10-19 |
Compliance Next |
0 |
ISSUE-94 |
CLOSED |
Is "Do Not Track" the right name to use? |
2011-10-24 |
Compliance Next |
0 |
ISSUE-100 |
CLOSED |
What is a user? |
2011-11-09 |
Compliance Next |
0 |
ISSUE-101 |
CLOSED |
What is a user? add to defns |
2011-11-09 |
Compliance Next |
0 |
ISSUE-102 |
CLOSED |
Short names & titles of specifications |
2011-11-13 |
Compliance Next |
0 |
ISSUE-103 |
CLOSED |
We're not sure where the exceptions should be and ensure they are categorically captured in the base 3rd party prohibition statement. |
2011-11-23 |
Compliance Next |
0 |
ISSUE-104 |
CLOSED |
Could use a better defn of user agent, rather than browser |
2011-11-28 |
Compliance Next |
0 |
ISSUE-117 |
CLOSED |
Terms: tracking v. cross-site tracking |
2012-01-13 |
Compliance Next |
0 |
ISSUE-122 |
CLOSED |
Should we have use limitations on referrer data? |
2012-02-01 |
Compliance Next |
0 |
ISSUE-132 |
CLOSED |
Should the spec speak to intermediaries or hosting providers to modify any responses/statements about DNT compliance? |
2012-04-10 |
Compliance Next |
0 |
ISSUE-133 |
CLOSED |
What effect does legal liability or consistent data practices between affiliates have on the definition of breadth of a party? |
2012-04-10 |
Compliance Next |
0 |
ISSUE-142 |
CLOSED |
How should protocol data be allowed to be used in the first N weeks? |
2012-04-25 |
Compliance Next |
0 |
ISSUE-149 |
CLOSED |
Compliance section for user agents |
2012-05-30 |
Compliance Next |
0 |
ISSUE-154 |
CLOSED |
Are First parties allowed to use data (either offline or online) from third parties |
2012-06-20 |
Compliance Next |
0 |
ISSUE-163 |
CLOSED |
How in the spec should we ensure user agents don't twist a user preference one way or another? |
2012-09-19 |
Compliance Next |
0 |
ISSUE-169 |
CLOSED |
What do we mean by tracking? |
2012-10-03 |
Compliance Next |
0 |
ISSUE-174 |
CLOSED |
How do we create straightforward compliance for implementers retaining data for N weeks or less? |
2012-10-04 |
Compliance Next |
0 |
ISSUE-177 |
CLOSED |
Should we specify compliance requirements for software and hardware other than user agents? For example, is a web server package compliant if it tweaks DNT headers? |
2012-10-04 |
Compliance Next |
0 |
ISSUE-178 marketing-permitted |
CLOSED |
Add "Marketing" to list of permitted uses in Compliance document |
2012-10-04 |
Compliance Next |
0 |
ISSUE-179 |
CLOSED |
Make sure in the spec that we clarify information provided explicitly by a user (e.g. data typed into a form on a site with a clear privacy policy) is not subject to DNT. |
2012-10-04 |
Compliance Next |
0 |
ISSUE-180 advertising-permitted |
CLOSED |
Add "advertising" as a Permitted Use in the Compliance Document |
2012-10-04 |
Compliance Next |
0 |
ISSUE-181 |
CLOSED |
Finalize language regarding multiple first parties |
2012-10-08 |
Compliance Next |
0 |
ISSUE-186 Chapell |
CLOSED |
Ensure that browsers communicae DNT functionality accurately |
2012-11-05 |
Compliance Next |
0 |
ISSUE-191 Descriptive DeID |
CLOSED |
Non-normative Discussion of De-Identification |
2013-01-15 |
Compliance Next |
0 |
ISSUE-22 |
PENDING REVIEW |
Still have "operational use" of data (auditing of where ads are shown, impression tracking, etc.) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-31 |
PENDING REVIEW |
Minimization -- to what extent will minimization be required for use of a particular exemption? (conditional exemptions) |
2011-09-21 |
Compliance Next |
0 |
ISSUE-32 |
PENDING REVIEW |
Sharing of data between entities via cookie syncing / identity brokering |
2011-09-21 |
Compliance Next |
0 |
ISSUE-49 service provider |
PENDING REVIEW |
Third party as first party - is a third party that collects data on behalf of the first party treated the same way as the first party? |
2011-09-22 |
Compliance Next |
0 |
ISSUE-97 |
PENDING REVIEW |
Re-direction, shortened URLs, click analytics -- what kind of tracking is this? |
2011-10-31 |
Compliance Next |
0 |
ISSUE-99 |
PENDING REVIEW |
How does DNT work with identity providers? |
2011-11-05 |
Compliance Next |
0 |
ISSUE-172 user-education |
PENDING REVIEW |
How should user agents be required to provide information about DNT? |
2012-10-03 |
Compliance Next |
0 |
ISSUE-175 |
PENDING REVIEW |
Have an appendix of best practices? |
2012-10-04 |
Compliance Next |
0 |
ISSUE-194 user-consent |
PENDING REVIEW |
How should we ensure consent of users for DNT inputs? |
2013-04-10 |
Compliance Next |
0 |
ISSUE-196 |
PENDING REVIEW |
What compliance requirements apply when a signal has been disregarded? |
2013-05-07 |
Compliance Next |
0 |
ISSUE-201 |
PENDING REVIEW |
Interplay between UGE and out of band consent |
2013-06-12 |
Compliance Next |
0 |
ISSUE-150 |
RAISED |
DNT conflicts from multiple user agents |
2012-05-30 |
Compliance Next |
0 |
ISSUE-184 |
RAISED |
3rd party dependencies in 1st party content |
2012-10-24 |
Compliance Next |
1 |
ISSUE-123 |
POSTPONED |
Third parties should be prohibited from acting or representing themselves as first parties. |
2012-02-01 |
Compliance Next |
0 |
ISSUE-131 |
POSTPONED |
What should implementations look like to satisfy our exit criteria for CR? |
2012-04-10 |
Compliance Next |
0 |