- From: David Singer <singer@apple.com>
- Date: Wed, 04 Jun 2014 09:04:31 -0700
- To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
- Cc: public-tracking@w3.org
On Jun 4, 2014, at 5:19 , Matthias Schunter (Intel Corporation) <mts-std@schunter.org> wrote: > Hi Mike, > > > I believe Jack has a valid point: > - If a site receives "DNT;0", then determining whether this was > triggered by a UGE or set as a general preference is difficult (or even > impossible in general). > > To mitigate this concern, one option would be to outline an _efficient_ > way how a site can decide whether DNT;0 was UGE or general preference. > An alternative would be to relax your requirement and say >> If a 1st Party receives a request with DNT:1 set then data regarding or identifying the user initiating the request MUST NOT be shared between Parties outside the context of the request, other than between the 1st Party and its service providers or for permitted uses as defined within this recommendation. A 1st Party MAY elect further restrictions on the collection or use of such data. >> >> If a 1st Party receives a request with DNT:0 set then data regarding the user MAY be used or shared but only for the purposes that were clearly and comprehensively explained when the exception was granted. > (The only change I made is the removal of the constraint "If, as a > result of an explicitly-granted exception, ".) > > > Opinions? This needs simply “If a 1st Party receives a request with DNT:0 that was the result of a user-granted exception…”; yes, IF the DNT:0 was the result of an exception, THEN you can’t do more than you claimed when you asked for the exception. Mind you, I expect that the request will be for tracking in general, so I don’t expect this clause to have any effect in the majority of cases. > > > matthias > > Am 04.06.2014 13:43, schrieb Mike O'Neill: >> Hi Jack, >> >> Your are right a DNT:0 could be set as a general preference but the >> proposal as it stands is silent on that. It only says a first party >> must not share if DNT:1 (though it may elect for further >> restrictions). If a DNT:0 is received which was not a result of a UGE >> then the default case would be the same if DNT was unset, unless >> overridden by local law or voluntary further restrictions but IMO we >> do not need to open that can. >> >> Mike >> >> >> > > David Singer Manager, Software Standards, Apple Inc.
Received on Wednesday, 4 June 2014 16:05:02 UTC