You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
(C) A business’ collection, use, retention, and sharing of a consumer’s personal information shall be reasonably necessary and proportionate to achieve the purposes for which the personal information was collected or processed, or for another disclosed purpose that is compatible with the context in which the personal information was collected, and not further processed in a manner that is incompatible with those purposes.
However, field PersonalDataConsents of the usnat string seems to imply a user can consent to purposes they were not notified of or that are incompatible with the collection.
<td>Consent to Collection, Use, Retention, Sale, and/or Sharing of the Consumer’s Personal Data that Is Unrelated to or Incompatible with the Purpose(s) for which the Consumer’s Personal Data Was Collected or Processed <p><p>References:
This seems to be a logical impossibility; how can a user consent to something they were not notified of? Either the section does not apply or the user did not consent. As soon as notice occurs, the consent is no longer covered under this section, or the use of the data remains illegal as it is not compatible with the purpose it was collected for. Under this section of law, there does not seem to be the possibility of opting into incompatible purposes.
Under what scenario might someone populate '01' in this field of the usnat string? It doesn't appear to ever be legal by my reading. The law says data shall not be used in this manner, regardless of consent.
The text was updated successfully, but these errors were encountered:
Under the referenced California legislation:
(C) A business’ collection, use, retention, and sharing of a consumer’s personal information shall be reasonably necessary and proportionate to achieve the purposes for which the personal information was collected or processed, or for another disclosed purpose that is compatible with the context in which the personal information was collected, and not further processed in a manner that is incompatible with those purposes.However, field PersonalDataConsents of the usnat string seems to imply a user can consent to purposes they were not notified of or that are incompatible with the collection.
Global-Privacy-Platform/Sections/US-National/IAB Privacy’s National Privacy Technical Specification.md
Line 274 in 259d5d4
This seems to be a logical impossibility; how can a user consent to something they were not notified of? Either the section does not apply or the user did not consent. As soon as notice occurs, the consent is no longer covered under this section, or the use of the data remains illegal as it is not compatible with the purpose it was collected for. Under this section of law, there does not seem to be the possibility of opting into incompatible purposes.
Under what scenario might someone populate '01' in this field of the usnat string? It doesn't appear to ever be legal by my reading. The law says data
shallnot be used in this manner, regardless of consent.The text was updated successfully, but these errors were encountered: