- From: Rigo Wenning <rigo@w3.org>
- Date: Thu, 08 Mar 2012 21:26:08 +0100
- To: public-tracking@w3.org
- Cc: "Roy T. Fielding" <fielding@gbiv.com>, Jonathan Mayer <jmayer@stanford.edu>
Jonathan, Roy, On Wednesday 07 March 2012 12:16:50 Roy T. Fielding wrote: > > I (and, as I understand it, quite a few others in the group) favor a > > blanket third-party collection/retention/use limitation, with an > > exception for information that could not be used to correlate browsing > > activity and an exception for protocol information. (There are, of > > course, some fine details we might not agree on. For example: What > > does a server have to do if the client sends an old ID cookie? A "hi, > > here's my SSN" cookie? What does a server have to do over time with > > protocol information?) > Please understand that those aren't exceptions. They are contradictions. > We cannot protect against fraud and simultaneously blanket-prohibit > collection. We can prohibit use for tracking and retention beyond what > is necessary for the fraud/legal/security exemptions. IMHO, your dispute here is a red herring. If even the ePrivacy Directive allows for protocol chatter for security and normal interactions, we shouldn't go beyond that here. See Article 6 Jonathan: http://eur- lex.europa.eu/LexUriServ/LexUriServ.do?uri=CONSLEG:2002L0058:20091219:EN:HTML So the best is the enemy of the good here. I still think we can reach consensus on a definition. Rigo
Received on Thursday, 8 March 2012 20:26:38 UTC