Hi Ronan, If you said that the collected data would be de-identified and also made unlinkable i.e. the identifiers were transparently deleted immediately after collection (or maybe after a short time to filter out multiple visits and detect unique visitors), then that would work in my opinion (if you cannot get explicit consent). But the unlinkability is important because that goes to the essence of Do Not Track. Mike From: Ronan Heffernan [mailto:ronansan@gmail.com] Sent: 23 March 2013 15:22 To: Mike O'Neill Cc: Rob van Eijk; Roy T. Fielding; Justin Brookman; public-tracking@w3.org Subject: Re: TPE Handling Out-of-Band Consent (including ISSUE-152) We are not talking about connecting people's web history with long-duration persistent identifiers, for any person who has not consented. We are talking about boiling any non-consented data down to the usual, acceptable, level of de-identification for all non-consented users within, say, 48-hours (we could live with less; I don't know if every research company can). --ronan On Sat, Mar 23, 2013 at 11:09 AM, Mike O'Neill <michael.oneill@baycloud.com> wrote: Hi Ronan, I meant that you do not need to use OOBC, the DNT:0 in-band consent would work fine if you had JS tags or not. You just need to let your panel-members easily give your domain(s) web wide tracking consent and you are done. Connecting people's web history with long duration persistent identifiers is tracking in my book, and this standard is about giving people the ability to refuse it. Mike
Received on Saturday, 23 March 2013 15:42:43 UTC