Rob, The "secure delete" (or otherwise sufficiently de-identify/make-unlinkable) is exactly the same as a normal DNT:1 user (which is MUST, right?), after the allowed OOBC-determination window closes except for the raw data that is allowed to be kept under other provisions of the spec (and limited to those specified uses). I am not suggesting any new permitted use for raw (non-de-identified/linkable) data, as long as OOBC means that there are no restrictions on using the raw data of those users who have consented via an out-of-band mechanism. I am also not suggesting getting rid of any permitted uses, such as security, fraud detection, or data needed for operating the service. --ronan On Sat, Mar 23, 2013 at 1:06 PM, Rob van Eijk <rob@blaeu.com> wrote: > > Ronan, > > WIll the secure delete requirement be a MUST in normative text in the > compliance document?? ie how strong is your compare and forget proposal? > Does it prevent processing under the exceptions that currently exist under > DNT:1 text eg security? > > Rob > >
Received on Sunday, 24 March 2013 22:46:00 UTC