Presentation on theme: "Remember to forget me. HTTP Logs Keep DNT=1 in logs and when/if all exemption covered use has been made – de-identify (IP=0.0.0.0, UA=ZZZ) – erase the."— Presentation transcript:
Remember to forget me
HTTP Logs Keep DNT=1 in logs and when/if all exemption covered use has been made – de-identify (IP= , UA=ZZZ) – erase the data Remove referrer when de-identifying the data- When logs are aggregated, they do not contain information for record with DNT=1 – lines are literally skipped OR – anonymized beforehand (IP= , UA=ZZZ)
3rd parties Do not modify the client state (no cookie change) – the UA knows which domains it is accessing to but it may not send the cookie No personalization by third parties: - the third party should not read any cookie. - interaction with a browser sending DNT=1 should not be remembered at an application level.