EFForg
No data retention of any kind as much as is technically/legally possible.
If a user sends a DNT header there should be no data retention of any kind as much as is technically/legally possible. Log files deleted regularly, no other tracking unless required by law or the information being stored is provided by the user. If the information is provided accidentally or if they are forced to do so it should be deleted as soon as possible on request of the user. Even if the user provides information, only the willingly submitted information should be kept. Tracking shouldn't resume as normal without a DNT header just because the user submitted un-related information. No "anonymized" data that can be linked to a user with information from another source. This is essentially what you are shooting for, am I correct? I am concerned that if this is not stated extremely clearly someone will find a loophole.
Josh
