Open matt-martin opened 1 year ago
Similarly confusing to me is the fact that the KnownChildSensitiveDataConsents field in the usnat
section defines two flags:
(1) Consent to Process the Consumer’s Personal Data or Sensitive Data for Consumers from Age 13 to 16. ... (2) Consent to Process the Consumer’s Personal Data or Sensitive Data for Consumers Younger Than 13 Years of Age.
Whereas the field with the same name in the usca
section defines two totally different flags:
(1) Consent to Sell the Personal Information of Consumers Less Than 16 years of Age ... (2) Consent to Share the Personal Information of Consumers Less Than 16 years of Age
It's entirely possible that I'm missing some obvious explanation for why these should be different, but at first glance these seem so different that I don't immediately know how to make sense of it. And more to the point, it makes me wonder if one (or both) are "incorrect" in some way I don't understand.
@matt-martin for SensitiveDataProcessing:
Similar application for the questions on known child sensitive data with the state vs. national section applicability.
@lamrowena Perhaps something for your GPP working group to review.
In the spec for the US National section, the SensitiveDataProcessing field has separate flags for:
But in the spec for the California section, the SensitiveDataProcessing field combines all three of these into one:
It's not an issue for me personally (and maybe it isn't an issue for anybody else either), but I'm wondering why these are represented as three separate choices in
usnat
, but lumped together as one choice in theusca
section?