diff --git a/index.html b/index.html
index 58cafe57..6dfd6928 100644
--- a/index.html
+++ b/index.html
@@ -864,7 +864,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
   </p><p>
                   This document is governed by the
                   <a id="w3c_process_revision" href="https://www.w3.org/2023/Process-20230612/">12 June 2023 <abbr title="World Wide Web Consortium">W3C</abbr> Process Document</a>.
-                </p></section><nav id="toc"><h2 class="introductory" id="table-of-contents">Table of Contents</h2><ol class="toc"><li class="tocline"><a class="tocxref" href="#abstract">Abstract</a></li><li class="tocline"><a class="tocxref" href="#sotd">Status of This Document</a></li><li class="tocline"><a class="tocxref" href="#how-this-document-fits-in">How This Document Fits In</a></li><li class="tocline"><a class="tocxref" href="#audience">Audiences for this Document</a></li><li class="tocline"><a class="tocxref" href="#intro"><bdi class="secno">1. </bdi>An Introduction to Privacy on the Web</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#autonomy"><bdi class="secno">1.1 </bdi>Individual Autonomy</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#opt-in-out"><bdi class="secno">1.1.1 </bdi>Opt-in, Consent, Opt-out, Global Controls</a></li><li class="tocline"><a class="tocxref" href="#privacy-labour"><bdi class="secno">1.1.2 </bdi>Privacy Labour</a></li></ol></li><li class="tocline"><a class="tocxref" href="#collective"><bdi class="secno">1.2 </bdi>Collective Governance</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#group-privacy"><bdi class="secno">1.2.1 </bdi>Group Privacy</a></li><li class="tocline"><a class="tocxref" href="#transparency"><bdi class="secno">1.2.2 </bdi>Transparency and Research</a></li></ol></li><li class="tocline"><a class="tocxref" href="#user-agents"><bdi class="secno">1.3 </bdi>User Agents</a></li><li class="tocline"><a class="tocxref" href="#balancing"><bdi class="secno">1.4 </bdi>Incorporating Different Privacy Principles</a></li></ol></li><li class="tocline"><a class="tocxref" href="#principles-for-privacy-on-the-web"><bdi class="secno">2. </bdi>Principles for Privacy on the Web</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#identity"><bdi class="secno">2.1 </bdi>Identity on the Web</a></li><li class="tocline"><a class="tocxref" href="#data-minimization"><bdi class="secno">2.2 </bdi>Data Minimization</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#ancillary-uses"><bdi class="secno">2.2.1 </bdi>Ancillary uses</a></li></ol></li><li class="tocline"><a class="tocxref" href="#information"><bdi class="secno">2.3 </bdi>Information access</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#acceptable-information"><bdi class="secno">2.3.1 </bdi>Handling acceptable information</a></li><li class="tocline"><a class="tocxref" href="#unacceptable-information"><bdi class="secno">2.3.2 </bdi>Handling information that's being removed</a></li><li class="tocline"><a class="tocxref" href="#sketchy-information"><bdi class="secno">2.3.3 </bdi>Handling information we can't completely block</a></li></ol></li><li class="tocline"><a class="tocxref" href="#hl-sensitive-information"><bdi class="secno">2.4 </bdi>Sensitive Information</a></li><li class="tocline"><a class="tocxref" href="#data-rights"><bdi class="secno">2.5 </bdi>Data Rights</a></li><li class="tocline"><a class="tocxref" href="#deidentified-data"><bdi class="secno">2.6 </bdi>De-identified Data</a></li><li class="tocline"><a class="tocxref" href="#collective-privacy"><bdi class="secno">2.7 </bdi>Collective Privacy</a></li><li class="tocline"><a class="tocxref" href="#device-administrators"><bdi class="secno">2.8 </bdi>Device Owners and Administrators</a></li><li class="tocline"><a class="tocxref" href="#harassment"><bdi class="secno">2.9 </bdi>Harassment</a></li><li class="tocline"><a class="tocxref" href="#unwanted-information"><bdi class="secno">2.10 </bdi>Unwanted Information</a></li><li class="tocline"><a class="tocxref" href="#vulnerability"><bdi class="secno">2.11 </bdi>Vulnerability</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#guardians"><bdi class="secno">2.11.1 </bdi>Guardians</a></li></ol></li><li class="tocline"><a class="tocxref" href="#consent-principles"><bdi class="secno">2.12 </bdi>Consent, Withdrawal of Consent, Opt-Outs, and Objections</a></li><li class="tocline"><a class="tocxref" href="#interruptions"><bdi class="secno">2.13 </bdi>Notifications and Interruptions</a></li><li class="tocline"><a class="tocxref" href="#non-retaliation"><bdi class="secno">2.14 </bdi>Non-Retaliation</a></li><li class="tocline"><a class="tocxref" href="#support-choosing-info"><bdi class="secno">2.15 </bdi>Support Choosing Which Information to Present</a></li></ol></li><li class="tocline"><a class="tocxref" href="#boring-terminology"><bdi class="secno">A. </bdi>Common Concepts</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#people"><bdi class="secno">A.1 </bdi>People</a></li><li class="tocline"><a class="tocxref" href="#context"><bdi class="secno">A.2 </bdi>Contexts</a></li><li class="tocline"><a class="tocxref" href="#parties"><bdi class="secno">A.3 </bdi>Server-Side Actors</a></li><li class="tocline"><a class="tocxref" href="#acting-on-data"><bdi class="secno">A.4 </bdi>Acting on Data</a></li><li class="tocline"><a class="tocxref" href="#recognition"><bdi class="secno">A.5 </bdi>Recognition</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#recognition-types"><bdi class="secno">A.5.1 </bdi>Recognition Types</a></li><li class="tocline"><a class="tocxref" href="#user-agent-recognition"><bdi class="secno">A.5.2 </bdi>User agent awareness of recognition</a></li></ol></li></ol></li><li class="tocline"><a class="tocxref" href="#threats"><bdi class="secno">B. </bdi>High-Level Threats</a></li><li class="tocline"><a class="tocxref" href="#bp-summary"><bdi class="secno">C. </bdi>Principles Summary</a></li><li class="tocline"><a class="tocxref" href="#acknowledgements"><bdi class="secno">D. </bdi>Acknowledgements</a></li><li class="tocline"><a class="tocxref" href="#issue-summary"><bdi class="secno">E. </bdi>Issue summary</a></li><li class="tocline"><a class="tocxref" href="#references"><bdi class="secno">F. </bdi>References</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#informative-references"><bdi class="secno">F.1 </bdi>Informative references</a></li></ol></li></ol></nav>
+                </p></section><nav id="toc"><h2 class="introductory" id="table-of-contents">Table of Contents</h2><ol class="toc"><li class="tocline"><a class="tocxref" href="#abstract">Abstract</a></li><li class="tocline"><a class="tocxref" href="#sotd">Status of This Document</a></li><li class="tocline"><a class="tocxref" href="#how-this-document-fits-in">How This Document Fits In</a></li><li class="tocline"><a class="tocxref" href="#audience">Audiences for this Document</a></li><li class="tocline"><a class="tocxref" href="#intro"><bdi class="secno">1. </bdi>An Introduction to Privacy on the Web</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#autonomy"><bdi class="secno">1.1 </bdi>Individual Autonomy</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#opt-in-out"><bdi class="secno">1.1.1 </bdi>Opt-in, Consent, Opt-out, Global Controls</a></li><li class="tocline"><a class="tocxref" href="#privacy-labour"><bdi class="secno">1.1.2 </bdi>Privacy Labour</a></li></ol></li><li class="tocline"><a class="tocxref" href="#collective"><bdi class="secno">1.2 </bdi>Collective Governance</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#group-privacy"><bdi class="secno">1.2.1 </bdi>Group Privacy</a></li><li class="tocline"><a class="tocxref" href="#transparency"><bdi class="secno">1.2.2 </bdi>Transparency and Research</a></li></ol></li><li class="tocline"><a class="tocxref" href="#user-agents"><bdi class="secno">1.3 </bdi>User Agents</a></li><li class="tocline"><a class="tocxref" href="#balancing"><bdi class="secno">1.4 </bdi>Incorporating Different Privacy Principles</a></li></ol></li><li class="tocline"><a class="tocxref" href="#principles-for-privacy-on-the-web"><bdi class="secno">2. </bdi>Principles for Privacy on the Web</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#identity"><bdi class="secno">2.1 </bdi>Identity on the Web</a></li><li class="tocline"><a class="tocxref" href="#data-minimization"><bdi class="secno">2.2 </bdi>Data Minimization</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#ancillary-uses"><bdi class="secno">2.2.1 </bdi>Ancillary uses</a></li></ol></li><li class="tocline"><a class="tocxref" href="#information"><bdi class="secno">2.3 </bdi>Information access</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#acceptable-information"><bdi class="secno">2.3.1 </bdi>Handling acceptable information</a></li><li class="tocline"><a class="tocxref" href="#unacceptable-information"><bdi class="secno">2.3.2 </bdi>Handling information that's being removed</a></li><li class="tocline"><a class="tocxref" href="#sketchy-information"><bdi class="secno">2.3.3 </bdi>Handling information we can't completely block</a></li></ol></li><li class="tocline"><a class="tocxref" href="#hl-sensitive-information"><bdi class="secno">2.4 </bdi>Sensitive Information</a></li><li class="tocline"><a class="tocxref" href="#data-rights"><bdi class="secno">2.5 </bdi>Data Rights</a></li><li class="tocline"><a class="tocxref" href="#deidentified-data"><bdi class="secno">2.6 </bdi>De-identified Data</a></li><li class="tocline"><a class="tocxref" href="#collective-privacy"><bdi class="secno">2.7 </bdi>Collective Privacy</a></li><li class="tocline"><a class="tocxref" href="#device-administrators"><bdi class="secno">2.8 </bdi>Device Owners and Administrators</a></li><li class="tocline"><a class="tocxref" href="#protecting-web-users-from-abusive-behaviour"><bdi class="secno">2.9 </bdi>Protecting web users from abusive behaviour</a></li><li class="tocline"><a class="tocxref" href="#vulnerability"><bdi class="secno">2.10 </bdi>Vulnerability</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#guardians"><bdi class="secno">2.10.1 </bdi>Guardians</a></li></ol></li><li class="tocline"><a class="tocxref" href="#consent-principles"><bdi class="secno">2.11 </bdi>Consent, Withdrawal of Consent, Opt-Outs, and Objections</a></li><li class="tocline"><a class="tocxref" href="#interruptions"><bdi class="secno">2.12 </bdi>Notifications and Interruptions</a></li><li class="tocline"><a class="tocxref" href="#non-retaliation"><bdi class="secno">2.13 </bdi>Non-Retaliation</a></li><li class="tocline"><a class="tocxref" href="#support-choosing-info"><bdi class="secno">2.14 </bdi>Support Choosing Which Information to Present</a></li></ol></li><li class="tocline"><a class="tocxref" href="#boring-terminology"><bdi class="secno">A. </bdi>Common Concepts</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#people"><bdi class="secno">A.1 </bdi>People</a></li><li class="tocline"><a class="tocxref" href="#context"><bdi class="secno">A.2 </bdi>Contexts</a></li><li class="tocline"><a class="tocxref" href="#parties"><bdi class="secno">A.3 </bdi>Server-Side Actors</a></li><li class="tocline"><a class="tocxref" href="#acting-on-data"><bdi class="secno">A.4 </bdi>Acting on Data</a></li><li class="tocline"><a class="tocxref" href="#recognition"><bdi class="secno">A.5 </bdi>Recognition</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#recognition-types"><bdi class="secno">A.5.1 </bdi>Recognition Types</a></li><li class="tocline"><a class="tocxref" href="#user-agent-recognition"><bdi class="secno">A.5.2 </bdi>User agent awareness of recognition</a></li></ol></li></ol></li><li class="tocline"><a class="tocxref" href="#threats"><bdi class="secno">B. </bdi>High-Level Threats</a></li><li class="tocline"><a class="tocxref" href="#bp-summary"><bdi class="secno">C. </bdi>Principles Summary</a></li><li class="tocline"><a class="tocxref" href="#acknowledgements"><bdi class="secno">D. </bdi>Acknowledgements</a></li><li class="tocline"><a class="tocxref" href="#issue-summary"><bdi class="secno">E. </bdi>Issue summary</a></li><li class="tocline"><a class="tocxref" href="#references"><bdi class="secno">F. </bdi>References</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#informative-references"><bdi class="secno">F.1 </bdi>Informative references</a></li></ol></li></ol></nav>
 
 <section class="introductory" id="how-this-document-fits-in"><div class="header-wrapper"><h2 id="how-this-document-fits-in-0">How This Document Fits In</h2><a class="self-link" href="#how-this-document-fits-in" aria-label="Permalink for this Section"></a></div>
 
@@ -1800,7 +1800,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
 <div class="note" role="note" id="issue-container-generatedID"><div role="heading" class="note-title marker" id="h-note" aria-level="2"><span>Note</span></div><div class="">
 
 
-<p>See <a href="#guardians" data-matched-text="[[[#guardians]]]" class="sec-ref"><bdi class="secno">2.11.1 </bdi>Guardians</a> for more detail on how this principle applies to vulnerable people with <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-1">guardians</a>.</p>
+<p>See <a href="#guardians" data-matched-text="[[[#guardians]]]" class="sec-ref"><bdi class="secno">2.10.1 </bdi>Guardians</a> for more detail on how this principle applies to vulnerable people with <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-1">guardians</a>.</p>
 </div></div>
 
 <p>Computing devices have <dfn data-lt="device owner|owners" data-plurals="device owners" id="dfn-device-owner" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">owners</dfn>, who have
@@ -1832,92 +1832,80 @@ <h1 id="title" class="title">Privacy Principles</h1>
 children, but not be reasonable for other sorts, like friends or intimate partners.
 The <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> should explain what the <a data-link-type="dfn|abstract-op" href="#dfn-administrator" class="internalDFN" id="ref-for-dfn-administrator-9">administrator</a> is going to learn in a way that
 helps different users to react appropriately.</p>
-</section><section id="harassment"><div class="header-wrapper"><h3 id="x2-9-harassment"><bdi class="secno">2.9 </bdi>Harassment</h3><a class="self-link" href="#harassment" aria-label="Permalink for Section 2.9"></a></div>
-<p>Online <dfn id="dfn-harassment" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">harassment</dfn> is the "pervasive or severe targeting of an individual or group online
-through harmful behavior" [<cite><a class="bibref" data-link-type="biblio" href="#bib-pen-harassment" title="Online Harassment Field Manual">PEN-Harassment</a></cite>]. Harassment is a prevalent problem on the Web,
-particularly via social media. While harassment may affect any person using the Web, it may be more
-severe and its consequences more impactful for LGBTQ people, women, people in racial or ethnic
-minorities, people with disabilities, <a data-link-type="dfn|abstract-op" href="#dfn-vulnerable" class="internalDFN" id="ref-for-dfn-vulnerable-2">vulnerable people</a> and other marginalized groups.</p>
-<div class="note" role="note" id="issue-container-generatedID-0"><div role="heading" class="note-title marker" id="h-note-0" aria-level="2"><span>Note</span></div><aside class="">
-
-
-<p>  Some useful research overviews of online harassment include: [<cite><a class="bibref" data-link-type="biblio" href="#bib-pew-harassment" title="The State of Online Harassment">PEW-Harassment</a></cite>],
-  [<cite><a class="bibref" data-link-type="biblio" href="#bib-addressing-cyber-harassment" title="Addressing cyber harassment: An overview of hate crimes in cyberspace">Addressing-Cyber-Harassment</a></cite>] and [<cite><a class="bibref" data-link-type="biblio" href="#bib-internet-of-garbage" title="The Internet of Garbage">Internet-of-Garbage</a></cite>].</p>
-</aside></div>
-
-<p><a data-link-type="dfn|abstract-op" href="#dfn-harassment" class="internalDFN" id="ref-for-dfn-harassment-1">Harassment</a> is both a violation of privacy itself and can be magnified or facilitated by other
-violations of privacy.</p>
-<p>Abusive online behavior may include: sending <a data-link-type="dfn|abstract-op" href="#dfn-unwanted-information" class="internalDFN" id="ref-for-dfn-unwanted-information-1">unwanted information</a>; directing others to contact
-or bother a person ("dogpiling"); disclosing sensitive information about a person; posting false
-information about a person; impersonating a person; insults; threats; and hateful or demeaning
-speech.</p>
-<p>Disclosure of identifying or contact information (including "doxxing") can be used, including by
-additional attackers, to send often persistent unwanted information that amounts to harassment.
-Disclosure of location information can be used, including by additional attackers, to intrude on a
-person's physical safety or space.</p>
-<p>Mitigations for harassment include but extend beyond mitigations for unwanted information and other
-privacy principles. Harassment can include harmful activity with a wider distribution than just the
-target of harassment.</p>
+</section><section id="protecting-web-users-from-abusive-behaviour"><div class="header-wrapper"><h3 id="x2-9-protecting-web-users-from-abusive-behaviour"><bdi class="secno">2.9 </bdi>Protecting web users from abusive behaviour</h3><a class="self-link" href="#protecting-web-users-from-abusive-behaviour" aria-label="Permalink for Section 2.9"></a></div>
 <div class="practice principle"><a class="marker self-link" href="#abuse-reporting"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="abuse-reporting">
-      Systems that allow for communicating on the Web must provide an effective capability to report
-      abuse.
+      Systems that allow for communicating on the Web must provide an
+      effective capability to report abuse. 
+        </span>
+  
+</div>
+<div class="practice principle"><a class="marker self-link" href="#abuse-protection"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="abuse-protection">
+      <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> and <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">sites</a> must
+      take steps to protect their users from abusive behaviour, and abuse
+      mitigation must be considered when designing web platform features.
     </span>
   
 </div>
 
+<p>Online <dfn id="dfn-harassment" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">harassment</dfn> is the "pervasive or severe targeting of an individual or group online
+through harmful behavior" [<cite><a class="bibref" data-link-type="biblio" href="#bib-pen-harassment" title="Online Harassment Field Manual">PEN-Harassment</a></cite>]. Harassment is a prevalent problem on the web,
+particularly via social media. While harassment may affect any person using the web, it may be more
+severe and its consequences more impactful for LGBTQ people, women, people in racial or ethnic
+minorities, people with disabilities, <a data-link-type="dfn|abstract-op" href="#dfn-vulnerable" class="internalDFN" id="ref-for-dfn-vulnerable-2">vulnerable people</a> and other marginalized groups.</p>
+<p><a data-link-type="dfn|abstract-op" href="#dfn-harassment" class="internalDFN" id="ref-for-dfn-harassment-1">Harassment</a> is both a violation of privacy itself and can be enabled or
+exacerbated by other violations of privacy.</p>
+<p>Harassment may include: sending <a data-link-type="dfn|abstract-op" href="#dfn-unwanted-information" class="internalDFN" id="ref-for-dfn-unwanted-information-1">unwanted information</a>; directing others to contact
+or bother a person ("dogpiling"); disclosing <a href="#sensitive-information">sensitive information</a> about a person; posting false information about a person; impersonating a person; insults; threats; and hateful or demeaning speech.</p>
+<p>Disclosure of identifying or contact information (including "doxxing") can often be used to cause additional attackers to send persistent <a data-link-type="dfn|abstract-op" href="#dfn-unwanted-information" class="internalDFN" id="ref-for-dfn-unwanted-information-2">unwanted information</a> that amounts to harassment.
+Disclosure of location information can be used to intrude on a
+person's physical safety or space.</p>
 <p>Reporting mechanisms are mitigations, but may not prevent harassment, particularly in cases where
-hosts or intermediaries are supportive of or complicit in the abuse.</p>
-<div class="note" role="note" id="issue-container-generatedID-1"><div role="heading" class="note-title marker" id="h-note-1" aria-level="2"><span>Note</span></div><div class="">
-
-
-<p>  Effective reporting is likely to require:</p>
+hosts, moderators, or other intermediaries are supportive of or complicit in the abuse.</p>
+<p>Effective reporting is likely to require:</p>
 <ul>
-<li>standardized mechanisms to identify abuse reporting contacts</li>
-<li>visible, usable ways provided by sites and user agents to report abuse</li>
-<li>identifiers to refer to senders and content</li>
-<li>the ability to provide context and explanation of harms</li>
-<li>people responsible for promptly responding to reports</li>
-<li>tools for pooling mitigation information (see Unwanted information, below)</li>
+<li>standardized mechanisms to identify abuse reporting contacts;</li>
+<li>sites and user agents to provide visible and usable ways to report abuse;</li>
+<li>identifiers to refer to senders and content;</li>
+<li>the ability to provide context and explanation of harms;</li>
+<li>people responsible for promptly responding to reports;</li>
+<li>tools for pooling mitigation information (see <a href="#example-reducing-unwanted-information" data-matched-text="[[[#example-reducing-unwanted-information]]]" class="box-ref">Example<bdi> 10</bdi></a>).</li>
 </ul>
-</div></div>
-
-</section><section id="unwanted-information-0"><div class="header-wrapper"><h3 id="unwanted-information"><bdi class="secno">2.10 </bdi>Unwanted Information</h3><a class="self-link" href="#unwanted-information" aria-label="Permalink for Section 2.10"></a></div><p>Receiving unsolicited information that either may cause distress or waste the recipient's
-time or resources is a violation of privacy.</p>
-<div class="practice principle"><a class="marker self-link" href="#principle-protect-unwanted-information"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-protect-unwanted-information">
-    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> and other <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-30">actors</a> should take
-    steps to ensure that their <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-80">user</a> is not exposed to unwanted information. Technical standards
-    must consider the delivery of unwanted information as part of their architecture and must
-    mitigate it accordingly.
-  </span>
+<div class="note" role="note" id="issue-container-generatedID-0"><div role="heading" class="note-title marker" id="h-note-0" aria-level="2"><span>Note</span></div><aside class="">
 
 
-</div>
+<p>  Some useful research overviews of online harassment include: [<cite><a class="bibref" data-link-type="biblio" href="#bib-pew-harassment" title="The State of Online Harassment">PEW-Harassment</a></cite>],
+  [<cite><a class="bibref" data-link-type="biblio" href="#bib-addressing-cyber-harassment" title="Addressing cyber harassment: An overview of hate crimes in cyberspace">Addressing-Cyber-Harassment</a></cite>] and [<cite><a class="bibref" data-link-type="biblio" href="#bib-internet-of-garbage" title="The Internet of Garbage">Internet-of-Garbage</a></cite>].</p>
+</aside></div>
 
 <p><dfn id="dfn-unwanted-information" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Unwanted information</dfn> covers a broad range of unsolicited communication, from messages
 that are typically harmless individually but that become a nuisance in aggregate (spam) to the
-sending of images that will cause shock or disgust due to their graphic, violent, or explicit nature
-(e.g. pictures of one's genitals). While it is impossible, in a communication system involving many
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-81">people</a>, to offer perfect protection against all kinds of unwanted information, steps can be
-taken to make the sending of such messages more difficult or more costly, and to make the senders
-more accountable. Examples of mitigations include:</p>
+sending of explicit, graphic, or violent images.</p>
+<p>System designers should take steps to make the sending of unwanted information more difficult
+or more costly, and to make the senders more accountable.</p>
+<aside class="example" id="example-reducing-unwanted-information"><div class="marker">
+    <a class="self-link" href="#example-reducing-unwanted-information">Example<bdi> 10</bdi></a>
+  </div>
+
+
+<p>Examples of mitigations include:</p>
 <ul>
-<li>Restricting what new users of a service can post, notably limiting links and media until they have
+<li>Restricting what new users of a service can post, e.g. limiting links and media until a user has
 interacted a sufficient number of times over a given period with a larger group. This helps to
-raise the cost of producing sockpuppet accounts and gives new users the occasion to understand
-local norms before posting.</li>
-<li>Only accepting communication between <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-82">people</a> who have an established relationship of some kind,
+raise the cost of producing <a href="https://en.wikipedia.org/wiki/Sock_puppet_account">sock puppet accounts</a> and gives new users time to understand local norms before posting.</li>
+<li>Only accepting communication between <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-80">people</a> who have an established relationship of some kind,
 such as being part of a shared group. Protocols should consider requiring a handshake between
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-83">people</a> prior to enabling communication.</li>
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-81">people</a> prior to enabling communication.</li>
 <li>Requiring a deliberate action from the recipient before rendering media coming from an
 untrusted source.</li>
-<li>Supporting the ability for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-84">people</a> to block another <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-31">actor</a> such that they cannot send information
+<li>Supporting the ability for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-82">people</a> to block another <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-30">actor</a> such that they cannot send information
 again.</li>
 <li>Pooling mitigation information, for instance shared block lists, shared spam-detection
-information, or public information about misbehaving <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-32">actors</a>. As always, the collection and
-sharing of <a data-link-type="dfn|abstract-op" href="#dfn-information" class="internalDFN" id="ref-for-dfn-information-9">information</a> for safety purposes should be limited and placed under collective
-governance.</li>
+information, or public information about misbehaving <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-31">actors</a>.</li>
+<li>Enabling users to filter out or hide information or media based on tags or content warnings.</li>
 </ul>
-</section><section id="vulnerability-0"><div class="header-wrapper"><h3 id="vulnerability"><bdi class="secno">2.11 </bdi>Vulnerability</h3><a class="self-link" href="#vulnerability" aria-label="Permalink for Section 2.11"></a></div><div class="issue" id="issue-container-number-1"><div role="heading" class="issue-title marker" id="h-issue" aria-level="2"><span>Issue 1</span></div><div class="">
+</aside>
+
+</section><section id="vulnerability-0"><div class="header-wrapper"><h3 id="vulnerability"><bdi class="secno">2.10 </bdi>Vulnerability</h3><a class="self-link" href="#vulnerability" aria-label="Permalink for Section 2.10"></a></div><div class="issue" id="issue-container-number-1"><div role="heading" class="issue-title marker" id="h-issue" aria-level="2"><span>Issue 1</span></div><div class="">
 
 <p>This section is still being refined. We expect additional principles to be added.</p>
 </div></div>
@@ -1955,7 +1943,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
 
 </div>
 
-<section id="guardians-0"><div class="header-wrapper"><h4 id="guardians"><bdi class="secno">2.11.1 </bdi>Guardians</h4><a class="self-link" href="#guardians" aria-label="Permalink for Section 2.11.1"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-guardians-have-responsibilities"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-guardians-have-responsibilities">
+<section id="guardians-0"><div class="header-wrapper"><h4 id="guardians"><bdi class="secno">2.10.1 </bdi>Guardians</h4><a class="self-link" href="#guardians" aria-label="Permalink for Section 2.10.1"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-guardians-have-responsibilities"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-guardians-have-responsibilities">
 A <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> may only provide information about a <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-1">ward</a> to a <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-2">guardian</a> for the purpose of
 helping that <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-3">guardian</a> uphold their responsibilities to their <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-2">ward</a>. This system must include
 measures to help <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-3">wards</a> who realize that their <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-4">guardian</a> isn't acting in the <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-4">ward</a>'s
@@ -1979,7 +1967,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
 that feature by correctly balancing a benevolent <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-11">guardian</a>'s need to protect their <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-11">ward</a> from
 dangers against other <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-12">wards</a>' need to protect themselves from their misbehaving <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-12">guardians</a>.</p>
 <aside class="example" id="example-protective-parent"><div class="marker">
-    <a class="self-link" href="#example-protective-parent">Example<bdi> 10</bdi></a><span class="example-title">: Protective parents</span>
+    <a class="self-link" href="#example-protective-parent">Example<bdi> 11</bdi></a><span class="example-title">: Protective parents</span>
   </div>
 
 <p>A parent might configure a small child's <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> to block access to violent content until the
@@ -1987,7 +1975,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
 </aside>
 
 <aside class="example" id="example-lgbt-kid"><div class="marker">
-    <a class="self-link" href="#example-lgbt-kid">Example<bdi> 11</bdi></a><span class="example-title">: An LGBT child</span>
+    <a class="self-link" href="#example-lgbt-kid">Example<bdi> 12</bdi></a><span class="example-title">: An LGBT child</span>
   </div>
 
 <p>A child may discover that they're LGBT and need to find supportive resources online. If they have a
@@ -2001,8 +1989,8 @@ <h1 id="title" class="title">Privacy Principles</h1>
 <p>Add crosslinks to <a href="#device-administrators" data-matched-text="[[[#device-administrators]]]" class="sec-ref"><bdi class="secno">2.8 </bdi>Device Owners and Administrators</a>.</p>
 </aside></div>
 
-</section></section><section id="consent-withdrawal-of-consent-opt-outs-and-objections"><div class="header-wrapper"><h3 id="consent-principles"><bdi class="secno">2.12 </bdi>Consent, Withdrawal of Consent, Opt-Outs, and Objections</h3><a class="self-link" href="#consent-principles" aria-label="Permalink for Section 2.12"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-consent-user-preference"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-consent-user-preference">
-    When any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-33">actor</a> obtains <a data-link-type="dfn|abstract-op" href="#dfn-opt-in" class="internalDFN" id="ref-for-dfn-opt-in-10">consent</a> for processing from a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-85">person</a>, the
+</section></section><section id="consent-withdrawal-of-consent-opt-outs-and-objections"><div class="header-wrapper"><h3 id="consent-principles"><bdi class="secno">2.11 </bdi>Consent, Withdrawal of Consent, Opt-Outs, and Objections</h3><a class="self-link" href="#consent-principles" aria-label="Permalink for Section 2.11"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-consent-user-preference"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-consent-user-preference">
+    When any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-32">actor</a> obtains <a data-link-type="dfn|abstract-op" href="#dfn-opt-in" class="internalDFN" id="ref-for-dfn-opt-in-10">consent</a> for processing from a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-83">person</a>, the
     actor should design the consent request so as to learn the person's true
     intent to consent or not, and not to maximize the processing consented to.
   </span>
@@ -2012,14 +2000,14 @@ <h1 id="title" class="title">Privacy Principles</h1>
 <p>Attempts to obtain consent to <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-31">processing</a> that is not in accordance with the person's
 true preferences result in imposing unwanted <a data-link-type="dfn|abstract-op" href="#dfn-privacy-labor" class="internalDFN" id="ref-for-dfn-privacy-labor-7">privacy labour</a> on the person, and may
 result in people erroneously giving consent that they regret later.</p>
-<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-34">actor</a> should not prompt a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-86">person</a> for consent if the
+<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-33">actor</a> should not prompt a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-84">person</a> for consent if the
 person is unlikely to have sufficient information to make an informed decision to consent or not.
 In considering whether or not a person is sufficiently informed to be asked for consent,
 actors should be realistic in assessing how much time and effort would be required to understand the
 processing for which they are asking for consent.
 Simply providing a link to a complex policy is unlikely to mean that the person is informed.</p>
 <div class="practice principle"><a class="marker self-link" href="#principle-minimize-consent-requests"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-minimize-consent-requests">
-    An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-35">actor</a> should avoid interrupting a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-87">person</a>'s use of a site for
+    An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-34">actor</a> should avoid interrupting a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-85">person</a>'s use of a site for
     consent requests when an alternative is available.
   </span>
 
@@ -2036,33 +2024,33 @@ <h1 id="title" class="title">Privacy Principles</h1>
 </li>
 <li><p>Relying on a <a data-link-type="dfn|abstract-op" href="#dfn-global-opt-out" class="internalDFN" id="ref-for-dfn-global-opt-out-6">global opt-out</a> signal from the <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a>.</p>
 </li>
-<li><p>Delaying a prompt for consent until a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-88">user</a> does something that puts the request in context,
+<li><p>Delaying a prompt for consent until a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-86">user</a> does something that puts the request in context,
  which will also help them give an informed response.</p>
 </li>
 </ul>
 <div class="practice principle"><a class="marker self-link" href="#principle-consent-withdraw"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-consent-withdraw">
-  It should be as easy for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-89">person</a> to check what consent they have given, to withdraw consent,
+  It should be as easy for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-87">person</a> to check what consent they have given, to withdraw consent,
   or to opt out or object, as to give consent.
   </span>
 
 </div>
 
-<p>A <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-90">person</a> may share data about other <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-91">people</a> (e.g. a picture with both that person and others). If that person consents to the processing of that data, this does not imply that those other people have consented as well.</p>
+<p>A <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-88">person</a> may share data about other <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-89">people</a> (e.g. a picture with both that person and others). If that person consents to the processing of that data, this does not imply that those other people have consented as well.</p>
 <div class="practice principle"><a class="marker self-link" href="#principle-consent-otherpeople"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-consent-otherpeople">
-      <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-36">Actors</a> should provide functionality to access, correct, and remove data about
-      <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-92">people</a> to those <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-93">people</a> when that data has been provided by someone else.
+      <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-35">Actors</a> should provide functionality to access, correct, and remove data about
+      <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-90">people</a> to those <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-91">people</a> when that data has been provided by someone else.
     </span>
   
 </div>
 
-<div class="note" role="note" id="issue-container-generatedID-2"><div role="heading" class="note-title marker" id="h-note-2" aria-level="2"><span>Note</span></div><div class="">
+<div class="note" role="note" id="issue-container-generatedID-1"><div role="heading" class="note-title marker" id="h-note-1" aria-level="2"><span>Note</span></div><div class="">
 
 
 <p>  See <a href="#group-privacy">Group Privacy</a> and <a href="#data-rights">Data Rights</a> for
   further discussion of privacy of people other than the user.</p>
 </div></div>
 
-</section><section id="notifications-and-interruptions"><div class="header-wrapper"><h3 id="interruptions"><bdi class="secno">2.13 </bdi>Notifications and Interruptions</h3><a class="self-link" href="#interruptions" aria-label="Permalink for Section 2.13"></a></div><div class="issue" id="issue-container-number-3"><div role="heading" class="issue-title marker" id="h-issue-1" aria-level="2"><span>Issue 3</span></div><aside class="">
+</section><section id="notifications-and-interruptions"><div class="header-wrapper"><h3 id="interruptions"><bdi class="secno">2.12 </bdi>Notifications and Interruptions</h3><a class="self-link" href="#interruptions" aria-label="Permalink for Section 2.12"></a></div><div class="issue" id="issue-container-number-3"><div role="heading" class="issue-title marker" id="h-issue-1" aria-level="2"><span>Issue 3</span></div><aside class="">
 
 <p>This is related to <a data-link-type="dfn|abstract-op" href="#dfn-autonomous" class="internalDFN" id="ref-for-dfn-autonomous-14">autonomy</a>.</p>
 </aside></div>
@@ -2098,43 +2086,43 @@ <h1 id="title" class="title">Privacy Principles</h1>
   Permissions should be requested in context.</p>
 </div>
 
-</section><section id="non-retaliation-0"><div class="header-wrapper"><h3 id="non-retaliation"><bdi class="secno">2.14 </bdi>Non-Retaliation</h3><a class="self-link" href="#non-retaliation" aria-label="Permalink for Section 2.14"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-do-not-retaliate"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-do-not-retaliate">
-    <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-37">Actors</a> must not retaliate against <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-94">people</a> who protect their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-37">data</a> against
+</section><section id="non-retaliation-0"><div class="header-wrapper"><h3 id="non-retaliation"><bdi class="secno">2.13 </bdi>Non-Retaliation</h3><a class="self-link" href="#non-retaliation" aria-label="Permalink for Section 2.13"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-do-not-retaliate"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-do-not-retaliate">
+    <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-36">Actors</a> must not retaliate against <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-92">people</a> who protect their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-37">data</a> against
     non-essential <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-32">processing</a> or exercise rights over their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-38">data</a>.
   </span>
   
 </div>
 
-<p>Whenever people have the ability to cause an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-38">actor</a> to process less of their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-39">data</a> or to stop
+<p>Whenever people have the ability to cause an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-37">actor</a> to process less of their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-39">data</a> or to stop
 carrying out some given set of data processing that is not essential to the service, they must be
-allowed to do so without the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-39">actor</a> retaliating, for instance by artificially removing an
+allowed to do so without the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-38">actor</a> retaliating, for instance by artificially removing an
 unrelated feature, by decreasing the quality of the service, or by trying to cajole, badger, or
-trick the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-95">person</a> into opting back into the <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-33">processing</a>.</p>
+trick the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-93">person</a> into opting back into the <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-33">processing</a>.</p>
 <div class="issue" id="issue-container-number-4"><div role="heading" class="issue-title marker" id="h-issue-2" aria-level="2"><span>Issue 4</span></div><aside class="">
 
 <p>Some services have the user pay for their use in data. These services aren't necessarily retaliating by denying their services to users who refuse to pay with data, but the details are more complex than we've had time to write.</p>
 </aside></div>
 
-</section><section id="support-choosing-which-information-to-present"><div class="header-wrapper"><h3 id="support-choosing-info"><bdi class="secno">2.15 </bdi>Support Choosing Which Information to Present</h3><a class="self-link" href="#support-choosing-info" aria-label="Permalink for Section 2.15"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-support-choosing-info"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-support-choosing-info">
-    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should support <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-96">people</a> in choosing which information they provide to <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-40">actors</a> that
+</section><section id="support-choosing-which-information-to-present"><div class="header-wrapper"><h3 id="support-choosing-info"><bdi class="secno">2.14 </bdi>Support Choosing Which Information to Present</h3><a class="self-link" href="#support-choosing-info" aria-label="Permalink for Section 2.14"></a></div><div class="practice principle"><a class="marker self-link" href="#principle-support-choosing-info"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-support-choosing-info">
+    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should support <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-94">people</a> in choosing which information they provide to <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-39">actors</a> that
     request it, up to and including allowing users to provide arbitrary information.
   </span>
   
 </div>
 
-<p><a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-41">Actors</a> can invest time and energy into automating ways of gathering <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-40">data</a> from <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-97">people</a> and can
-design their products in ways that make it a lot easier for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-98">people</a> to disclose information than not, whereas
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-99">people</a> typically have to manually wade through options, repeated prompts, and <a data-link-type="dfn|abstract-op" href="#dfn-dark-pattern" class="internalDFN" id="ref-for-dfn-dark-pattern-3">deceptive patterns</a>. In many
-cases, the absence of data — when a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-100">person</a> refuses to provide some information — can also be identifying
+<p><a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-40">Actors</a> can invest time and energy into automating ways of gathering <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-40">data</a> from <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-95">people</a> and can
+design their products in ways that make it a lot easier for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-96">people</a> to disclose information than not, whereas
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-97">people</a> typically have to manually wade through options, repeated prompts, and <a data-link-type="dfn|abstract-op" href="#dfn-dark-pattern" class="internalDFN" id="ref-for-dfn-dark-pattern-3">deceptive patterns</a>. In many
+cases, the absence of data — when a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-98">person</a> refuses to provide some information — can also be identifying
 or revealing. Additionally, APIs can be defined or implemented in rigid ways that can prevent people from
 accessing useful functionality. For example, I might want to look for restaurants in a city I will be visiting
 this weekend, but if my geolocation is forcefully set to match my GPS, a restaurant-finding
 site might only allow searches in my current location. In other cases, sites do not abide by data
 minimisation principles and request more information than they require. This principle supports
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-101">people</a> in minimising their own data.</p>
-<p><a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should make it simple for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-102">people</a> to <a href="#principle-identity-per-context">present the identity they wish
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-99">people</a> in minimising their own data.</p>
+<p><a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should make it simple for <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-100">people</a> to <a href="#principle-identity-per-context">present the identity they wish
 to</a> and to provide information about themselves or their devices in
-ways that they control. This helps <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-103">people</a> to live in obscurity ([<cite><a class="bibref" data-link-type="biblio" href="#bib-lost-in-crowd" title="Why You Can No Longer Get Lost in the Crowd">Lost-In-Crowd</a></cite>],
+ways that they control. This helps <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-101">people</a> to live in obscurity ([<cite><a class="bibref" data-link-type="biblio" href="#bib-lost-in-crowd" title="Why You Can No Longer Get Lost in the Crowd">Lost-In-Crowd</a></cite>],
 [<cite><a class="bibref" data-link-type="biblio" href="#bib-obscurity-by-design" title="Obscurity by Design">Obscurity-By-Design</a></cite>]), including by obfuscating information about themselves ([<cite><a class="bibref" data-link-type="biblio" href="#bib-obfuscation" title="Obfuscation: A User's Guide for Privacy and Protest">Obfuscation</a></cite>]).</p>
 <div class="practice principle"><a class="marker self-link" href="#principle-no-facts-or-promises"><bdi lang="en">Principle</bdi></a>: <span class="practicelab" id="principle-no-facts-or-promises">
     APIs should be designed such that data returned through an API does not assert a fact or make a
@@ -2143,17 +2131,17 @@ <h1 id="title" class="title">Privacy Principles</h1>
   
 </div>
 
-<p>Instead, the API could indicate a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-104">person</a>'s preference, a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-105">person</a>'s chosen identity, a
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-106">person</a>'s query or interest, or a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-107">person</a>'s selected communication style.</p>
+<p>Instead, the API could indicate a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-102">person</a>'s preference, a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-103">person</a>'s chosen identity, a
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-104">person</a>'s query or interest, or a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-105">person</a>'s selected communication style.</p>
 <div class="example">
 
 
 <p>For example, a <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> might support this principle by:</p>
 <ul>
-<li>Generating domain-specific email addresses or other directed identifiers so that <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-108">people</a> can
+<li>Generating domain-specific email addresses or other directed identifiers so that <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-106">people</a> can
 log into the site without becoming recognisable across contexts.</li>
 <li>Offering the option to generate geolocation and accelerometry data with parameters specified by
-the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-109">user</a>.</li>
+the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-107">user</a>.</li>
 <li>Uploading a stored video stream in response to a camera prompt.</li>
 <li>Automatically granting or denying permission prompts based on user configuration.</li>
 </ul>
@@ -2169,11 +2157,11 @@ <h1 id="title" class="title">Privacy Principles</h1>
 mitigating forms of data collection, including <a data-type="dfn" href="https://www.w3.org/TR/fingerprinting-guidance/#dfn-browser-fingerprinting">browser fingerprinting</a>.</p>
 </section></section><section class="appendix" id="common-concepts"><div class="header-wrapper"><h2 id="boring-terminology"><bdi class="secno">A. </bdi>Common Concepts</h2><a class="self-link" href="#boring-terminology" aria-label="Permalink for Appendix A."></a></div>
 
-<section id="people-0"><div class="header-wrapper"><h3 id="people"><bdi class="secno">A.1 </bdi>People</h3><a class="self-link" href="#people" aria-label="Permalink for Appendix A.1"></a></div><p>A <dfn data-lt="individual|people|user|data subject|person" data-plurals="individuals|users" id="dfn-individual" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">person</dfn> (also <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-110">user</a> or
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-111">data subject</a>) is any natural person. Throughout this document, we primarily use <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-112">person</a> or
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-113">people</a> to refer to human beings, as a reminder of their humanity. When we use the term <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-114">user</a>,
-it is to talk about the specific <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-115">person</a> who happens to be using a given system at that time.</p>
-<p>A <dfn data-lt="vulnerable|vulnerable person" data-plurals="vulnerable people" id="dfn-vulnerable" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">vulnerable person</dfn> is a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-116">person</a> who may be unable to
+<section id="people-0"><div class="header-wrapper"><h3 id="people"><bdi class="secno">A.1 </bdi>People</h3><a class="self-link" href="#people" aria-label="Permalink for Appendix A.1"></a></div><p>A <dfn data-lt="individual|people|user|data subject|person" data-plurals="individuals|users" id="dfn-individual" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">person</dfn> (also <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-108">user</a> or
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-109">data subject</a>) is any natural person. Throughout this document, we primarily use <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-110">person</a> or
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-111">people</a> to refer to human beings, as a reminder of their humanity. When we use the term <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-112">user</a>,
+it is to talk about the specific <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-113">person</a> who happens to be using a given system at that time.</p>
+<p>A <dfn data-lt="vulnerable|vulnerable person" data-plurals="vulnerable people" id="dfn-vulnerable" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">vulnerable person</dfn> is a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-114">person</a> who may be unable to
 exercise sufficient self-determination in a <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-11">context</a>. Amongst other things, they should
 be treated with greater default privacy protections and may be considered unable to
 <a data-link-type="dfn|abstract-op" href="#dfn-opt-in" class="internalDFN" id="ref-for-dfn-opt-in-11">consent</a> to various interactions with a system.
@@ -2181,25 +2169,25 @@ <h1 id="title" class="title">Privacy Principles</h1>
 are employees with respect to their employers, are facing a steep asymmetry of power,
 are people in some situations of intellectual or psychological impairment, are
 refugees, etc.</p>
-</section><section id="contexts"><div class="header-wrapper"><h3 id="context"><bdi class="secno">A.2 </bdi>Contexts</h3><a class="self-link" href="#context" aria-label="Permalink for Appendix A.2"></a></div><p>A <dfn data-plurals="contexts" id="dfn-context" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">context</dfn> is a physical or digital environment in which <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-117">people</a> interact with other
-<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-42">actors</a>, and which the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-118">people</a> understand as distinct from other <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-12">contexts</a>.</p>
+</section><section id="contexts"><div class="header-wrapper"><h3 id="context"><bdi class="secno">A.2 </bdi>Contexts</h3><a class="self-link" href="#context" aria-label="Permalink for Appendix A.2"></a></div><p>A <dfn data-plurals="contexts" id="dfn-context" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">context</dfn> is a physical or digital environment in which <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-115">people</a> interact with other
+<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-41">actors</a>, and which the <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-116">people</a> understand as distinct from other <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-12">contexts</a>.</p>
 <p>A <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-13">context</a> is not defined in terms of who owns or controls it. Sharing
 <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-41">data</a> between different <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-14">contexts</a> of a single company is
-a <a data-link-type="dfn|abstract-op" href="#dfn-privacy-violation" class="internalDFN" id="ref-for-dfn-privacy-violation-2">privacy violation</a>, just as if the same data were shared between unrelated <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-43">actors</a>.</p>
-</section><section id="server-side-actors"><div class="header-wrapper"><h3 id="parties"><bdi class="secno">A.3 </bdi>Server-Side Actors</h3><a class="self-link" href="#parties" aria-label="Permalink for Appendix A.3"></a></div><p>An <dfn data-plurals="actors" id="dfn-actor" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">actor</dfn> is an entity that a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-119">person</a> can reasonably understand as a single "thing"
-they're interacting with. <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-44">Actors</a> can be <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-120">people</a> or collective entities like companies,
+a <a data-link-type="dfn|abstract-op" href="#dfn-privacy-violation" class="internalDFN" id="ref-for-dfn-privacy-violation-2">privacy violation</a>, just as if the same data were shared between unrelated <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-42">actors</a>.</p>
+</section><section id="server-side-actors"><div class="header-wrapper"><h3 id="parties"><bdi class="secno">A.3 </bdi>Server-Side Actors</h3><a class="self-link" href="#parties" aria-label="Permalink for Appendix A.3"></a></div><p>An <dfn data-plurals="actors" id="dfn-actor" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">actor</dfn> is an entity that a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-117">person</a> can reasonably understand as a single "thing"
+they're interacting with. <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-43">Actors</a> can be <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-118">people</a> or collective entities like companies,
 associations, or governmental bodies. Uses of this document in a particular domain are expected to
-describe how the core concepts of that domain combine into a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-121">user</a>-comprehensible <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-45">actor</a>, and
+describe how the core concepts of that domain combine into a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-119">user</a>-comprehensible <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-44">actor</a>, and
 those refined definitions are likely to differ between domains.</p>
-<p><a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> tend to explain to <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-122">people</a> which <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a> or <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">site</a> provided the
-web page they're looking at. The <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-46">actor</a> that controls this <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a> or <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">site</a> is
-known as the web page's <dfn data-dfn-for="page" data-plurals="first parties" id="dfn-first-party" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">first party</dfn>. When a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-123">person</a>
+<p><a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> tend to explain to <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-120">people</a> which <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a> or <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">site</a> provided the
+web page they're looking at. The <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-45">actor</a> that controls this <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a> or <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">site</a> is
+known as the web page's <dfn data-dfn-for="page" data-plurals="first parties" id="dfn-first-party" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">first party</dfn>. When a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-121">person</a>
 interacts with a UI element on a web page, the <dfn data-plurals="first parties" id="dfn-first-party-0" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">first party</dfn> of that interaction
-is usually the web page's <a data-link-type="dfn|abstract-op" href="#dfn-first-party" class="internalDFN" id="ref-for-dfn-first-party-1">first party</a>. However, if a different <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-47">actor</a> controls
+is usually the web page's <a data-link-type="dfn|abstract-op" href="#dfn-first-party" class="internalDFN" id="ref-for-dfn-first-party-1">first party</a>. However, if a different <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-46">actor</a> controls
 how data collected with
 the UI element is used, and a reasonable person with a realistic cognitive budget would realize
-that this other <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-48">actor</a> has this control, this other
-<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-49">actor</a> is the <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-5">first party</a> for the interaction instead.</p>
+that this other <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-47">actor</a> has this control, this other
+<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-48">actor</a> is the <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-5">first party</a> for the interaction instead.</p>
 <div class="issue" id="issue-container-number-5"><div role="heading" class="issue-title marker" id="h-issue-3" aria-level="3"><span>Issue 5</span></div><aside class="">
 
 
@@ -2210,8 +2198,8 @@ <h1 id="title" class="title">Privacy Principles</h1>
 
 <p>The <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-7">first party</a> to an interaction is accountable for the processing of data produced
 by that interaction, even if another actor does the processing.</p>
-<p>A <dfn data-lt="third parties|third party" id="dfn-third-parties" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">third party</dfn> is any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-50">actor</a> other than the
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-124">person</a> visiting the website or the <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-8">first parties</a> they expect to be interacting
+<p>A <dfn data-lt="third parties|third party" id="dfn-third-parties" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">third party</dfn> is any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-49">actor</a> other than the
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-122">person</a> visiting the website or the <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-8">first parties</a> they expect to be interacting
 with.</p>
 <p>The <dfn id="dfn-vegas-rule" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Vegas Rule</dfn> is a simple implementation of privacy in which "<i>what happens with the
 <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-9">first party</a> stays with the <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-10">first party</a></i>." Put differently, the <a data-link-type="dfn|abstract-op" href="#dfn-vegas-rule" class="internalDFN" id="ref-for-dfn-vegas-rule-1">Vegas Rule</a> is followed
@@ -2220,16 +2208,16 @@ <h1 id="title" class="title">Privacy Principles</h1>
 <a data-link-type="dfn|abstract-op" href="#dfn-inappropriately" class="internalDFN" id="ref-for-dfn-inappropriately-4">inappropriately</a>, and there are cases where a third party can learn information about a person
 but still treat it <a data-link-type="dfn|abstract-op" href="#dfn-appropriately" class="internalDFN" id="ref-for-dfn-appropriately-10">appropriately</a>.</p>
 </section><section id="acting-on-data-0"><div class="header-wrapper"><h3 id="acting-on-data"><bdi class="secno">A.4 </bdi>Acting on Data</h3><a class="self-link" href="#acting-on-data" aria-label="Permalink for Appendix A.4"></a></div><p>We define <dfn data-lt="data|personal data" id="dfn-data" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">personal data</dfn> as any information that is directly or
-indirectly related to an identified or identifiable <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-125">person</a>, such as by reference to an
+indirectly related to an identified or identifiable <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-123">person</a>, such as by reference to an
 <a data-link-type="dfn|abstract-op" href="#dfn-identifier" class="internalDFN" id="ref-for-dfn-identifier-9">identifier</a> ([<cite><a class="bibref" data-link-type="biblio" href="#bib-gdpr" title="General Data Protection Regulations (GDPR) / Regulation (EU) 2016/679">GDPR</a></cite>], [<cite><a class="bibref" data-link-type="biblio" href="#bib-oecd-guidelines" title="OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data">OECD-Guidelines</a></cite>], [<cite><a class="bibref" data-link-type="biblio" href="#bib-convention-108" title="Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data">Convention-108</a></cite>]).</p>
 <p>On the web, an <dfn data-plurals="identifiers" id="dfn-identifier" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">identifier</dfn> of some type is typically assigned for an
 <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-5">identity</a> as seen by a website, which makes it easier for an automated
-system to store data about that <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-126">person</a>.</p>
-<p>Examples of <a data-link-type="dfn|abstract-op" href="#dfn-identifier" class="internalDFN" id="ref-for-dfn-identifier-10">identifiers</a> for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-127">person</a> can be:</p>
+system to store data about that <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-124">person</a>.</p>
+<p>Examples of <a data-link-type="dfn|abstract-op" href="#dfn-identifier" class="internalDFN" id="ref-for-dfn-identifier-10">identifiers</a> for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-125">person</a> can be:</p>
 <ul>
 <li>their name,</li>
 <li>an identification number including those mapping to a device that this
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-128">person</a> may be using,</li>
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-126">person</a> may be using,</li>
 <li>their phone number,</li>
 <li>their location data,</li>
 <li>an online identifier such as email or IP addresses,</li>
@@ -2240,24 +2228,24 @@ <h1 id="title" class="title">Privacy Principles</h1>
 cultural, social, or behavioral <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-6">identity</a>,</li>
 <li>strings derived from other <a data-link-type="dfn|abstract-op" href="#dfn-identifier" class="internalDFN" id="ref-for-dfn-identifier-11">identifiers</a>, for instance through hashing.</li>
 </ul>
-<p>If a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-129">person</a> could reasonably be identified or re-identified through the combination of <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-42">data</a> with other
+<p>If a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-127">person</a> could reasonably be identified or re-identified through the combination of <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-42">data</a> with other
 <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-43">data</a>, then that <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-44">data</a> is <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-45">personal data</a>.</p>
 <p><dfn id="dfn-privacy" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Privacy</dfn> is achieved in a given <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-15">context</a> that either involves <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-46">personal data</a> or
-involves information being presented to <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-130">people</a> when the principles of that <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-16">context</a> are
+involves information being presented to <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-128">people</a> when the principles of that <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-16">context</a> are
 followed appropriately. When the principles for that <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-17">context</a> are not followed, there is a
 <dfn id="dfn-privacy-violation" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">privacy violation</dfn>. Similarly, we say that a particular interaction is
 <dfn data-lt="appropriately|appropriate" id="dfn-appropriately" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">appropriate</dfn> when the principles are adhered
 to) or <dfn data-lt="inappropriately|inappropriate" id="dfn-inappropriately" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">inappropriate</dfn> otherwise.</p>
-<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-51">actor</a> <dfn data-lt="process|processing|processed|data processing|processes" id="dfn-process" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">processes</dfn> data if it
+<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-50">actor</a> <dfn data-lt="process|processing|processed|data processing|processes" id="dfn-process" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">processes</dfn> data if it
 carries out operations on <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-47">personal data</a>, whether or not by automated means, such as
 collection, recording, organisation, structuring, storage, adaptation or alteration,
 retrieval, consultation, use, disclosure by transmission, <a data-link-type="dfn|abstract-op" href="#dfn-share" class="internalDFN" id="ref-for-dfn-share-1">sharing</a>, dissemination or
 otherwise making available, <a data-link-type="dfn|abstract-op" href="#dfn-sell" class="internalDFN" id="ref-for-dfn-sell-1">selling</a>, alignment or combination, restriction, erasure or
 destruction.</p>
-<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-52">actor</a> <dfn data-lt="share|sharing|shares" id="dfn-share" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">shares</dfn> data if it provides it to any other
-<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-53">actor</a>. Note that, under this definition, an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-54">actor</a> that provides data to its own
+<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-51">actor</a> <dfn data-lt="share|sharing|shares" id="dfn-share" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">shares</dfn> data if it provides it to any other
+<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-52">actor</a>. Note that, under this definition, an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-53">actor</a> that provides data to its own
 <a data-link-type="dfn|abstract-op" href="#dfn-data-processor" class="internalDFN" id="ref-for-dfn-data-processor-1">service providers</a> is not <a data-link-type="dfn|abstract-op" href="#dfn-share" class="internalDFN" id="ref-for-dfn-share-2">sharing</a> it.</p>
-<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-55">actor</a> <dfn data-lt="sell|selling|sells" id="dfn-sell" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">sells</dfn> data when it <a data-link-type="dfn|abstract-op" href="#dfn-share" class="internalDFN" id="ref-for-dfn-share-3">shares</a> it in exchange
+<p>An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-54">actor</a> <dfn data-lt="sell|selling|sells" id="dfn-sell" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">sells</dfn> data when it <a data-link-type="dfn|abstract-op" href="#dfn-share" class="internalDFN" id="ref-for-dfn-share-3">shares</a> it in exchange
 for consideration, monetary or otherwise.</p>
 <p>The <dfn data-plurals="purposes" id="dfn-purpose" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">purpose</dfn> of a given <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-36">processing</a> of data is an anticipated, intended, or
 planned outcome of this <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-37">processing</a> which is achieved or aimed for within a given
@@ -2269,30 +2257,30 @@ <h1 id="title" class="title">Privacy Principles</h1>
 level and not necessarily all the way down to implementation details. Example:
 <em>a person will have their preferences restored (purpose) by looking up their identifier
 in a preferences store (means)</em>.</p>
-<p>A <dfn id="dfn-data-controller" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">data controller</dfn> is an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-56">actor</a> that determines the <a data-link-type="dfn|abstract-op" href="#dfn-means" class="internalDFN" id="ref-for-dfn-means-2">means</a> and <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-11">purposes</a>
-of data processing. Any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-57">actor</a> that is not a <a data-link-type="dfn|abstract-op" href="#dfn-data-processor" class="internalDFN" id="ref-for-dfn-data-processor-2">service provider</a> is a <a data-link-type="dfn|abstract-op" href="#dfn-data-controller" class="internalDFN" id="ref-for-dfn-data-controller-2">data controller</a>.</p>
+<p>A <dfn id="dfn-data-controller" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">data controller</dfn> is an <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-55">actor</a> that determines the <a data-link-type="dfn|abstract-op" href="#dfn-means" class="internalDFN" id="ref-for-dfn-means-2">means</a> and <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-11">purposes</a>
+of data processing. Any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-56">actor</a> that is not a <a data-link-type="dfn|abstract-op" href="#dfn-data-processor" class="internalDFN" id="ref-for-dfn-data-processor-2">service provider</a> is a <a data-link-type="dfn|abstract-op" href="#dfn-data-controller" class="internalDFN" id="ref-for-dfn-data-controller-2">data controller</a>.</p>
 <p>A <dfn data-lt="data processor|service provider" data-plurals="service providers" id="dfn-data-processor" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">service provider</dfn> or <a data-link-type="dfn|abstract-op" href="#dfn-data-processor" class="internalDFN" id="ref-for-dfn-data-processor-3">data processor</a> is considered to be in
-the same category of <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-13">first party</a> or <a data-link-type="dfn|abstract-op" href="#dfn-third-parties" class="internalDFN" id="ref-for-dfn-third-parties-7">third party</a> as the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-58">actor</a> contracting it to
+the same category of <a data-link-type="dfn|abstract-op" href="#dfn-first-party-0" class="internalDFN" id="ref-for-dfn-first-party-0-13">first party</a> or <a data-link-type="dfn|abstract-op" href="#dfn-third-parties" class="internalDFN" id="ref-for-dfn-third-parties-7">third party</a> as the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-57">actor</a> contracting it to
 perform the relevant <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-39">processing</a> if it:</p>
 <ul>
-<li>is processing the data on behalf of that <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-59">actor</a>;</li>
+<li>is processing the data on behalf of that <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-58">actor</a>;</li>
 <li>ensures that the data is only retained, accessed, and used as directed by that
-<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-60">actor</a> and solely for the list of explicitly-specified <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-12">purposes</a>
-detailed by the directing <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-61">actor</a> or <a data-link-type="dfn|abstract-op" href="#dfn-data-controller" class="internalDFN" id="ref-for-dfn-data-controller-3">data controller</a>;</li>
+<a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-59">actor</a> and solely for the list of explicitly-specified <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-12">purposes</a>
+detailed by the directing <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-60">actor</a> or <a data-link-type="dfn|abstract-op" href="#dfn-data-controller" class="internalDFN" id="ref-for-dfn-data-controller-3">data controller</a>;</li>
 <li>may determine implementation details of the data processing in question but
 does not determine the <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-13">purpose</a> for which the data is being <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-40">processed</a>
 nor the overarching <a data-link-type="dfn|abstract-op" href="#dfn-means" class="internalDFN" id="ref-for-dfn-means-3">means</a> through which the <a data-link-type="dfn|abstract-op" href="#dfn-purpose" class="internalDFN" id="ref-for-dfn-purpose-14">purpose</a> is carried out;</li>
 <li>has no independent right to use the data other than in a <a data-link-type="dfn|abstract-op" href="#dfn-de-identified" class="internalDFN" id="ref-for-dfn-de-identified-5">de-identified</a> form (e.g., for
 monitoring service integrity, load balancing, capacity planning, or billing); and,</li>
-<li>has a contract in place with the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-62">actor</a> which is consistent with the above limitations.</li>
+<li>has a contract in place with the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-61">actor</a> which is consistent with the above limitations.</li>
 </ul>
 </section><section id="recognition-0"><div class="header-wrapper"><h3 id="recognition"><bdi class="secno">A.5 </bdi>Recognition</h3><a class="self-link" href="#recognition" aria-label="Permalink for Appendix A.5"></a></div><p><dfn data-lt="recognize|recognized|Recognition" data-plurals="recognizes" id="dfn-recognize" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Recognition</dfn> is the act of realising that a given <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-7">identity</a>
-corresponds to the same <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-131">person</a> as another <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-8">identity</a> which may have been
+corresponds to the same <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-129">person</a> as another <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-8">identity</a> which may have been
 observed either in another <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-21">context</a>, or in the same <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-22">context</a> but at a
 different time. <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-7">Recognition</a> can be probabilistic, if someone realises there's
-a high probability that two <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-9">identities</a> correspond to the same <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-132">person</a>,
+a high probability that two <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-9">identities</a> correspond to the same <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-130">person</a>,
 even if they aren't certain.</p>
-<p>A <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-133">person</a> can be <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-8">recognized</a> whether or not their legal identity or
+<p>A <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-131">person</a> can be <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-8">recognized</a> whether or not their legal identity or
 characteristics of their legal identity are included in the recognition.</p>
 <section id="recognition-types-0"><div class="header-wrapper"><h4 id="recognition-types"><bdi class="secno">A.5.1 </bdi>Recognition Types</h4><a class="self-link" href="#recognition-types" aria-label="Permalink for Appendix A.5.1"></a></div><p>There are several types of <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-9">recognition</a> that may take place.</p>
 <p><dfn id="dfn-cross-context-recognition" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Cross-context recognition</dfn> is <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-10">recognition</a> between different
@@ -2319,8 +2307,8 @@ <h1 id="title" class="title">Privacy Principles</h1>
 different <a data-link-type="dfn|abstract-op" href="#dfn-context" class="internalDFN" id="ref-for-dfn-context-28">contexts</a>,
 <a data-link-type="dfn|abstract-op" href="#dfn-cross-site-recognition" class="internalDFN" id="ref-for-dfn-cross-site-recognition-1">cross-site recognition</a> is a privacy harm in the same cases as <a data-link-type="dfn|abstract-op" href="#dfn-cross-context-recognition" class="internalDFN" id="ref-for-dfn-cross-context-recognition-2">cross-context recognition</a>.</p>
 <p><dfn id="dfn-same-site-recognition" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Same-site recognition</dfn> is when a single <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">site</a> <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-15">recognizes</a> a
-<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-134">person</a> across two or more visits.</p>
-<p>A privacy harm occurs if a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-135">person</a> reasonably expects that they'll be using
+<a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-132">person</a> across two or more visits.</p>
+<p>A privacy harm occurs if a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-133">person</a> reasonably expects that they'll be using
 a different <a data-link-type="dfn|abstract-op" href="#dfn-identity" class="internalDFN" id="ref-for-dfn-identity-10">identity</a> for different visits to a single site, but the site
 <a data-link-type="dfn|abstract-op" href="#dfn-recognize" class="internalDFN" id="ref-for-dfn-recognize-16">recognizes</a> them anyway.</p>
 <p>Note that these categories overlap: <a data-link-type="dfn|abstract-op" href="#dfn-cross-site-recognition" class="internalDFN" id="ref-for-dfn-cross-site-recognition-2">cross-site recognition</a> is usually
@@ -2450,8 +2438,8 @@ <h1 id="title" class="title">Privacy Principles</h1>
   information acceptable.</span></li><li><a class="marker self-link" href="#bp-new-apis-that-provide-access-to-undesirable-information-should-not-make-that-information-easier-to-access-unless-they-add-access-guards-that-make-the-information-acceptable"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">New APIs that provide access to undesirable information should
   not make that information easier to access, unless they add <a data-link-type="dfn|abstract-op" href="#dfn-access-guard" class="internalDFN" id="ref-for-dfn-access-guard-5">access guards</a> that make the
   information acceptable.</span></li><li><a class="marker self-link" href="#respect-data-rights"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-136">People</a> have certain rights over <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-50">data</a> that is about themselves, and these rights should
-    be facilitated by their <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> and the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-63">actors</a> that are <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-41">processing</a> their
+    <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-134">People</a> have certain rights over <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-50">data</a> that is about themselves, and these rights should
+    be facilitated by their <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> and the <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-62">actors</a> that are <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-41">processing</a> their
     <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-51">data</a>.
   </span></li><li><a class="marker self-link" href="#de-identify-data"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
     Whenever possible, processors should work with <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-52">data</a> that has been <a data-link-type="dfn|abstract-op" href="#dfn-de-identified" class="internalDFN" id="ref-for-dfn-de-identified-6">de-identified</a>.
@@ -2465,14 +2453,13 @@ <h1 id="title" class="title">Privacy Principles</h1>
 when that disclosure is necessary to enforce reasonable constraints on use of
 the device.
 </span></li><li><a class="marker self-link" href="#abuse-reporting"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-      Systems that allow for communicating on the Web must provide an effective capability to report
-      abuse.
-    </span></li><li><a class="marker self-link" href="#principle-protect-unwanted-information"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> and other <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-64">actors</a> should take
-    steps to ensure that their <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-137">user</a> is not exposed to unwanted information. Technical standards
-    must consider the delivery of unwanted information as part of their architecture and must
-    mitigate it accordingly.
-  </span></li><li><a class="marker self-link" href="#principle-vulnerability"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
+      Systems that allow for communicating on the Web must provide an
+      effective capability to report abuse. 
+        </span></li><li><a class="marker self-link" href="#abuse-protection"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
+      <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> and <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">sites</a> must
+      take steps to protect their users from abusive behaviour, and abuse
+      mitigation must be considered when designing web platform features.
+    </span></li><li><a class="marker self-link" href="#principle-vulnerability"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
 <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> and <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">sites</a> should allow for gracefully degraded
 user experience where some features or functionality may not be
 available because users have chosen stronger privacy protections
@@ -2483,26 +2470,26 @@ <h1 id="title" class="title">Privacy Principles</h1>
 helping that <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-15">guardian</a> uphold their responsibilities to their <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-14">ward</a>. This system must include
 measures to help <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-15">wards</a> who realize that their <a data-link-type="dfn|abstract-op" href="#dfn-guardian" class="internalDFN" id="ref-for-dfn-guardian-16">guardian</a> isn't acting in the <a data-link-type="dfn|abstract-op" href="#dfn-ward" class="internalDFN" id="ref-for-dfn-ward-16">ward</a>'s
 interest.</span></li><li><a class="marker self-link" href="#principle-consent-user-preference"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    When any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-65">actor</a> obtains <a data-link-type="dfn|abstract-op" href="#dfn-opt-in" class="internalDFN" id="ref-for-dfn-opt-in-12">consent</a> for processing from a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-138">person</a>, the
+    When any <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-63">actor</a> obtains <a data-link-type="dfn|abstract-op" href="#dfn-opt-in" class="internalDFN" id="ref-for-dfn-opt-in-12">consent</a> for processing from a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-135">person</a>, the
     actor should design the consent request so as to learn the person's true
     intent to consent or not, and not to maximize the processing consented to.
   </span></li><li><a class="marker self-link" href="#principle-minimize-consent-requests"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-66">actor</a> should avoid interrupting a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-139">person</a>'s use of a site for
+    An <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-64">actor</a> should avoid interrupting a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-136">person</a>'s use of a site for
     consent requests when an alternative is available.
   </span></li><li><a class="marker self-link" href="#principle-consent-withdraw"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-  It should be as easy for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-140">person</a> to check what consent they have given, to withdraw consent,
+  It should be as easy for a <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-137">person</a> to check what consent they have given, to withdraw consent,
   or to opt out or object, as to give consent.
   </span></li><li><a class="marker self-link" href="#principle-consent-otherpeople"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-      <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-67">Actors</a> should provide functionality to access, correct, and remove data about
-      <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-141">people</a> to those <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-142">people</a> when that data has been provided by someone else.
+      <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-65">Actors</a> should provide functionality to access, correct, and remove data about
+      <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-138">people</a> to those <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-139">people</a> when that data has been provided by someone else.
     </span></li><li><a class="marker self-link" href="#principle-notifications-control"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">A <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agent</a> should help
     users control notifications and other interruptive UI that can be used to manipulate behavior.</span></li><li><a class="marker self-link" href="#principle-notifications-context"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">Web <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#site">sites</a> should use notifications
     only for information that their users have specifically requested.
   </span></li><li><a class="marker self-link" href="#principle-do-not-retaliate"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-68">Actors</a> must not retaliate against <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-143">people</a> who protect their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-53">data</a> against
+    <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-66">Actors</a> must not retaliate against <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-140">people</a> who protect their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-53">data</a> against
     non-essential <a data-link-type="dfn|abstract-op" href="#dfn-process" class="internalDFN" id="ref-for-dfn-process-42">processing</a> or exercise rights over their <a data-link-type="dfn|abstract-op" href="#dfn-data" class="internalDFN" id="ref-for-dfn-data-54">data</a>.
   </span></li><li><a class="marker self-link" href="#principle-support-choosing-info"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
-    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should support <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-144">people</a> in choosing which information they provide to <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-69">actors</a> that
+    <a data-link-type="dfn|abstract-op" data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">User agents</a> should support <a data-link-type="dfn|abstract-op" href="#dfn-individual" class="internalDFN" id="ref-for-dfn-individual-141">people</a> in choosing which information they provide to <a data-link-type="dfn|abstract-op" href="#dfn-actor" class="internalDFN" id="ref-for-dfn-actor-67">actors</a> that
     request it, up to and including allowing users to provide arbitrary information.
   </span></li><li><a class="marker self-link" href="#principle-no-facts-or-promises"><bdi lang="en">Principle</bdi></a>: <span class="practicelab">
     APIs should be designed such that data returned through an API does not assert a fact or make a
@@ -2683,8 +2670,6 @@ <h1 id="title" class="title">Privacy Principles</h1>
       <a href="#ref-for-dfn-information-1" title="§ 1. An Introduction to Privacy on the Web">§ 1. An Introduction to Privacy on the Web</a> <a href="#ref-for-dfn-information-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-information-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-information-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-information-5" title="Reference 5">(5)</a> <a href="#ref-for-dfn-information-6" title="Reference 6">(6)</a> <a href="#ref-for-dfn-information-7" title="Reference 7">(7)</a> 
     </li><li>
       <a href="#ref-for-dfn-information-8" title="§ 1.2.2 Transparency and Research">§ 1.2.2 Transparency and Research</a> 
-    </li><li>
-      <a href="#ref-for-dfn-information-9" title="§ 2.10 Unwanted Information">§ 2.10 Unwanted Information</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-autonomous" aria-label="Links in this document to definition: autonomy">
@@ -2706,7 +2691,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-autonomous-11" title="§ 2.7 Collective Privacy">§ 2.7 Collective Privacy</a> <a href="#ref-for-dfn-autonomous-12" title="Reference 2">(2)</a> <a href="#ref-for-dfn-autonomous-13" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-autonomous-14" title="§ 2.13 Notifications and Interruptions">§ 2.13 Notifications and Interruptions</a> <a href="#ref-for-dfn-autonomous-15" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-autonomous-14" title="§ 2.12 Notifications and Interruptions">§ 2.12 Notifications and Interruptions</a> <a href="#ref-for-dfn-autonomous-15" title="Reference 2">(2)</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-dark-pattern" aria-label="Links in this document to definition: deceptive patterns">
@@ -2720,9 +2705,9 @@ <h1 id="title" class="title">Privacy Principles</h1>
     <li>
       <a href="#ref-for-dfn-dark-pattern-1" title="§ 1.1 Individual Autonomy">§ 1.1 Individual Autonomy</a> 
     </li><li>
-      <a href="#ref-for-dfn-dark-pattern-2" title="§ 2.11 Vulnerability">§ 2.11 Vulnerability</a> 
+      <a href="#ref-for-dfn-dark-pattern-2" title="§ 2.10 Vulnerability">§ 2.10 Vulnerability</a> 
     </li><li>
-      <a href="#ref-for-dfn-dark-pattern-3" title="§ 2.15 Support Choosing Which Information to Present">§ 2.15 Support Choosing Which Information to Present</a> 
+      <a href="#ref-for-dfn-dark-pattern-3" title="§ 2.14 Support Choosing Which Information to Present">§ 2.14 Support Choosing Which Information to Present</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-opt-in" aria-label="Links in this document to definition: consent">
@@ -2742,7 +2727,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-opt-in-9" title="§ 1.3 User Agents">§ 1.3 User Agents</a> 
     </li><li>
-      <a href="#ref-for-dfn-opt-in-10" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
+      <a href="#ref-for-dfn-opt-in-10" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
     </li><li>
       <a href="#ref-for-dfn-opt-in-11" title="§ A.1 People">§ A.1 People</a> 
     </li><li>
@@ -2774,7 +2759,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-global-opt-out-5" title="§ 2.2.1 Ancillary uses">§ 2.2.1 Ancillary uses</a> 
     </li><li>
-      <a href="#ref-for-dfn-global-opt-out-6" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
+      <a href="#ref-for-dfn-global-opt-out-6" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-automation-asymmetry" aria-label="Links in this document to definition: automation asymmetry">
@@ -2808,7 +2793,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-privacy-labor-6" title="§ 2.7 Collective Privacy">§ 2.7 Collective Privacy</a> 
     </li><li>
-      <a href="#ref-for-dfn-privacy-labor-7" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
+      <a href="#ref-for-dfn-privacy-labor-7" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-fips" aria-label="Links in this document to definition: Fair Information Practices">
@@ -3106,7 +3091,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-      <a href="#ref-for-dfn-harassment-1" title="§ 2.9 Harassment">§ 2.9 Harassment</a> 
+      <a href="#ref-for-dfn-harassment-1" title="§ 2.9 Protecting web users from abusive behaviour">§ 2.9 Protecting web users from abusive behaviour</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-unwanted-information" aria-label="Links in this document to definition: Unwanted information">
@@ -3118,7 +3103,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-      <a href="#ref-for-dfn-unwanted-information-1" title="§ 2.9 Harassment">§ 2.9 Harassment</a> 
+      <a href="#ref-for-dfn-unwanted-information-1" title="§ 2.9 Protecting web users from abusive behaviour">§ 2.9 Protecting web users from abusive behaviour</a> <a href="#ref-for-dfn-unwanted-information-2" title="Reference 2">(2)</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-guardian" aria-label="Links in this document to definition: guardian">
@@ -3132,7 +3117,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     <li>
       <a href="#ref-for-dfn-guardian-1" title="§ 2.8 Device Owners and Administrators">§ 2.8 Device Owners and Administrators</a> 
     </li><li>
-      <a href="#ref-for-dfn-guardian-2" title="§ 2.11.1 Guardians">§ 2.11.1 Guardians</a> <a href="#ref-for-dfn-guardian-3" title="Reference 2">(2)</a> <a href="#ref-for-dfn-guardian-4" title="Reference 3">(3)</a> <a href="#ref-for-dfn-guardian-5" title="Reference 4">(4)</a> <a href="#ref-for-dfn-guardian-6" title="Reference 5">(5)</a> <a href="#ref-for-dfn-guardian-7" title="Reference 6">(6)</a> <a href="#ref-for-dfn-guardian-8" title="Reference 7">(7)</a> <a href="#ref-for-dfn-guardian-9" title="Reference 8">(8)</a> <a href="#ref-for-dfn-guardian-10" title="Reference 9">(9)</a> <a href="#ref-for-dfn-guardian-11" title="Reference 10">(10)</a> <a href="#ref-for-dfn-guardian-12" title="Reference 11">(11)</a> <a href="#ref-for-dfn-guardian-13" title="Reference 12">(12)</a> 
+      <a href="#ref-for-dfn-guardian-2" title="§ 2.10.1 Guardians">§ 2.10.1 Guardians</a> <a href="#ref-for-dfn-guardian-3" title="Reference 2">(2)</a> <a href="#ref-for-dfn-guardian-4" title="Reference 3">(3)</a> <a href="#ref-for-dfn-guardian-5" title="Reference 4">(4)</a> <a href="#ref-for-dfn-guardian-6" title="Reference 5">(5)</a> <a href="#ref-for-dfn-guardian-7" title="Reference 6">(6)</a> <a href="#ref-for-dfn-guardian-8" title="Reference 7">(7)</a> <a href="#ref-for-dfn-guardian-9" title="Reference 8">(8)</a> <a href="#ref-for-dfn-guardian-10" title="Reference 9">(9)</a> <a href="#ref-for-dfn-guardian-11" title="Reference 10">(10)</a> <a href="#ref-for-dfn-guardian-12" title="Reference 11">(11)</a> <a href="#ref-for-dfn-guardian-13" title="Reference 12">(12)</a> 
     </li><li>
       <a href="#ref-for-dfn-guardian-14" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-guardian-15" title="Reference 2">(2)</a> <a href="#ref-for-dfn-guardian-16" title="Reference 3">(3)</a> 
     </li>
@@ -3146,7 +3131,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-      <a href="#ref-for-dfn-ward-1" title="§ 2.11.1 Guardians">§ 2.11.1 Guardians</a> <a href="#ref-for-dfn-ward-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-ward-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-ward-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-ward-5" title="Reference 5">(5)</a> <a href="#ref-for-dfn-ward-6" title="Reference 6">(6)</a> <a href="#ref-for-dfn-ward-7" title="Reference 7">(7)</a> <a href="#ref-for-dfn-ward-8" title="Reference 8">(8)</a> <a href="#ref-for-dfn-ward-9" title="Reference 9">(9)</a> <a href="#ref-for-dfn-ward-10" title="Reference 10">(10)</a> <a href="#ref-for-dfn-ward-11" title="Reference 11">(11)</a> <a href="#ref-for-dfn-ward-12" title="Reference 12">(12)</a> 
+      <a href="#ref-for-dfn-ward-1" title="§ 2.10.1 Guardians">§ 2.10.1 Guardians</a> <a href="#ref-for-dfn-ward-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-ward-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-ward-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-ward-5" title="Reference 5">(5)</a> <a href="#ref-for-dfn-ward-6" title="Reference 6">(6)</a> <a href="#ref-for-dfn-ward-7" title="Reference 7">(7)</a> <a href="#ref-for-dfn-ward-8" title="Reference 8">(8)</a> <a href="#ref-for-dfn-ward-9" title="Reference 9">(9)</a> <a href="#ref-for-dfn-ward-10" title="Reference 10">(10)</a> <a href="#ref-for-dfn-ward-11" title="Reference 11">(11)</a> <a href="#ref-for-dfn-ward-12" title="Reference 12">(12)</a> 
     </li><li>
       <a href="#ref-for-dfn-ward-13" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-ward-14" title="Reference 2">(2)</a> <a href="#ref-for-dfn-ward-15" title="Reference 3">(3)</a> <a href="#ref-for-dfn-ward-16" title="Reference 4">(4)</a> 
     </li>
@@ -3188,27 +3173,27 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-individual-77" title="§ 2.8 Device Owners and Administrators">§ 2.8 Device Owners and Administrators</a> <a href="#ref-for-dfn-individual-78" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-79" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-80" title="§ 2.10 Unwanted Information">§ 2.10 Unwanted Information</a> <a href="#ref-for-dfn-individual-81" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-82" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-83" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-84" title="Reference 5">(5)</a> 
+      <a href="#ref-for-dfn-individual-80" title="§ 2.9 Protecting web users from abusive behaviour">§ 2.9 Protecting web users from abusive behaviour</a> <a href="#ref-for-dfn-individual-81" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-82" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-85" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> <a href="#ref-for-dfn-individual-86" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-87" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-88" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-89" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-90" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-91" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-92" title="Reference 8">(8)</a> <a href="#ref-for-dfn-individual-93" title="Reference 9">(9)</a> 
+      <a href="#ref-for-dfn-individual-83" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> <a href="#ref-for-dfn-individual-84" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-85" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-86" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-87" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-88" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-89" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-90" title="Reference 8">(8)</a> <a href="#ref-for-dfn-individual-91" title="Reference 9">(9)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-94" title="§ 2.14 Non-Retaliation">§ 2.14 Non-Retaliation</a> <a href="#ref-for-dfn-individual-95" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-individual-92" title="§ 2.13 Non-Retaliation">§ 2.13 Non-Retaliation</a> <a href="#ref-for-dfn-individual-93" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-96" title="§ 2.15 Support Choosing Which Information to Present">§ 2.15 Support Choosing Which Information to Present</a> <a href="#ref-for-dfn-individual-97" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-98" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-99" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-100" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-101" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-102" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-103" title="Reference 8">(8)</a> <a href="#ref-for-dfn-individual-104" title="Reference 9">(9)</a> <a href="#ref-for-dfn-individual-105" title="Reference 10">(10)</a> <a href="#ref-for-dfn-individual-106" title="Reference 11">(11)</a> <a href="#ref-for-dfn-individual-107" title="Reference 12">(12)</a> <a href="#ref-for-dfn-individual-108" title="Reference 13">(13)</a> <a href="#ref-for-dfn-individual-109" title="Reference 14">(14)</a> 
+      <a href="#ref-for-dfn-individual-94" title="§ 2.14 Support Choosing Which Information to Present">§ 2.14 Support Choosing Which Information to Present</a> <a href="#ref-for-dfn-individual-95" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-96" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-97" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-98" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-99" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-100" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-101" title="Reference 8">(8)</a> <a href="#ref-for-dfn-individual-102" title="Reference 9">(9)</a> <a href="#ref-for-dfn-individual-103" title="Reference 10">(10)</a> <a href="#ref-for-dfn-individual-104" title="Reference 11">(11)</a> <a href="#ref-for-dfn-individual-105" title="Reference 12">(12)</a> <a href="#ref-for-dfn-individual-106" title="Reference 13">(13)</a> <a href="#ref-for-dfn-individual-107" title="Reference 14">(14)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-110" title="§ A.1 People">§ A.1 People</a> <a href="#ref-for-dfn-individual-111" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-112" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-113" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-114" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-115" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-116" title="Reference 7">(7)</a> 
+      <a href="#ref-for-dfn-individual-108" title="§ A.1 People">§ A.1 People</a> <a href="#ref-for-dfn-individual-109" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-110" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-111" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-112" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-113" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-114" title="Reference 7">(7)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-117" title="§ A.2 Contexts">§ A.2 Contexts</a> <a href="#ref-for-dfn-individual-118" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-individual-115" title="§ A.2 Contexts">§ A.2 Contexts</a> <a href="#ref-for-dfn-individual-116" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-119" title="§ A.3 Server-Side Actors">§ A.3 Server-Side Actors</a> <a href="#ref-for-dfn-individual-120" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-121" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-122" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-123" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-124" title="Reference 6">(6)</a> 
+      <a href="#ref-for-dfn-individual-117" title="§ A.3 Server-Side Actors">§ A.3 Server-Side Actors</a> <a href="#ref-for-dfn-individual-118" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-119" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-120" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-121" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-122" title="Reference 6">(6)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-125" title="§ A.4 Acting on Data">§ A.4 Acting on Data</a> <a href="#ref-for-dfn-individual-126" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-127" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-128" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-129" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-130" title="Reference 6">(6)</a> 
+      <a href="#ref-for-dfn-individual-123" title="§ A.4 Acting on Data">§ A.4 Acting on Data</a> <a href="#ref-for-dfn-individual-124" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-125" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-126" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-127" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-128" title="Reference 6">(6)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-131" title="§ A.5 Recognition">§ A.5 Recognition</a> <a href="#ref-for-dfn-individual-132" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-133" title="Reference 3">(3)</a> 
+      <a href="#ref-for-dfn-individual-129" title="§ A.5 Recognition">§ A.5 Recognition</a> <a href="#ref-for-dfn-individual-130" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-131" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-134" title="§ A.5.1 Recognition Types">§ A.5.1 Recognition Types</a> <a href="#ref-for-dfn-individual-135" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-individual-132" title="§ A.5.1 Recognition Types">§ A.5.1 Recognition Types</a> <a href="#ref-for-dfn-individual-133" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-individual-136" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-individual-137" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-138" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-139" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-140" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-141" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-142" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-143" title="Reference 8">(8)</a> <a href="#ref-for-dfn-individual-144" title="Reference 9">(9)</a> 
+      <a href="#ref-for-dfn-individual-134" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-individual-135" title="Reference 2">(2)</a> <a href="#ref-for-dfn-individual-136" title="Reference 3">(3)</a> <a href="#ref-for-dfn-individual-137" title="Reference 4">(4)</a> <a href="#ref-for-dfn-individual-138" title="Reference 5">(5)</a> <a href="#ref-for-dfn-individual-139" title="Reference 6">(6)</a> <a href="#ref-for-dfn-individual-140" title="Reference 7">(7)</a> <a href="#ref-for-dfn-individual-141" title="Reference 8">(8)</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-vulnerable" aria-label="Links in this document to definition: vulnerable person">
@@ -3222,7 +3207,7 @@ <h1 id="title" class="title">Privacy Principles</h1>
     <li>
       <a href="#ref-for-dfn-vulnerable-1" title="§ 1. An Introduction to Privacy on the Web">§ 1. An Introduction to Privacy on the Web</a> 
     </li><li>
-      <a href="#ref-for-dfn-vulnerable-2" title="§ 2.9 Harassment">§ 2.9 Harassment</a> 
+      <a href="#ref-for-dfn-vulnerable-2" title="§ 2.9 Protecting web users from abusive behaviour">§ 2.9 Protecting web users from abusive behaviour</a> 
     </li><li>
       <a href="#ref-for-dfn-vulnerable-3" title="§ A.5.1 Recognition Types">§ A.5.1 Recognition Types</a> 
     </li>
@@ -3286,21 +3271,21 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-actor-26" title="§ 2.6 De-identified Data">§ 2.6 De-identified Data</a> <a href="#ref-for-dfn-actor-27" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-28" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-29" title="Reference 4">(4)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-30" title="§ 2.10 Unwanted Information">§ 2.10 Unwanted Information</a> <a href="#ref-for-dfn-actor-31" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-32" title="Reference 3">(3)</a> 
+      <a href="#ref-for-dfn-actor-30" title="§ 2.9 Protecting web users from abusive behaviour">§ 2.9 Protecting web users from abusive behaviour</a> <a href="#ref-for-dfn-actor-31" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-33" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> <a href="#ref-for-dfn-actor-34" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-35" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-36" title="Reference 4">(4)</a> 
+      <a href="#ref-for-dfn-actor-32" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> <a href="#ref-for-dfn-actor-33" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-34" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-35" title="Reference 4">(4)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-37" title="§ 2.14 Non-Retaliation">§ 2.14 Non-Retaliation</a> <a href="#ref-for-dfn-actor-38" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-39" title="Reference 3">(3)</a> 
+      <a href="#ref-for-dfn-actor-36" title="§ 2.13 Non-Retaliation">§ 2.13 Non-Retaliation</a> <a href="#ref-for-dfn-actor-37" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-38" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-40" title="§ 2.15 Support Choosing Which Information to Present">§ 2.15 Support Choosing Which Information to Present</a> <a href="#ref-for-dfn-actor-41" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-actor-39" title="§ 2.14 Support Choosing Which Information to Present">§ 2.14 Support Choosing Which Information to Present</a> <a href="#ref-for-dfn-actor-40" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-42" title="§ A.2 Contexts">§ A.2 Contexts</a> <a href="#ref-for-dfn-actor-43" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-actor-41" title="§ A.2 Contexts">§ A.2 Contexts</a> <a href="#ref-for-dfn-actor-42" title="Reference 2">(2)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-44" title="§ A.3 Server-Side Actors">§ A.3 Server-Side Actors</a> <a href="#ref-for-dfn-actor-45" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-46" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-47" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-48" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-49" title="Reference 6">(6)</a> <a href="#ref-for-dfn-actor-50" title="Reference 7">(7)</a> 
+      <a href="#ref-for-dfn-actor-43" title="§ A.3 Server-Side Actors">§ A.3 Server-Side Actors</a> <a href="#ref-for-dfn-actor-44" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-45" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-46" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-47" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-48" title="Reference 6">(6)</a> <a href="#ref-for-dfn-actor-49" title="Reference 7">(7)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-51" title="§ A.4 Acting on Data">§ A.4 Acting on Data</a> <a href="#ref-for-dfn-actor-52" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-53" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-54" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-55" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-56" title="Reference 6">(6)</a> <a href="#ref-for-dfn-actor-57" title="Reference 7">(7)</a> <a href="#ref-for-dfn-actor-58" title="Reference 8">(8)</a> <a href="#ref-for-dfn-actor-59" title="Reference 9">(9)</a> <a href="#ref-for-dfn-actor-60" title="Reference 10">(10)</a> <a href="#ref-for-dfn-actor-61" title="Reference 11">(11)</a> <a href="#ref-for-dfn-actor-62" title="Reference 12">(12)</a> 
+      <a href="#ref-for-dfn-actor-50" title="§ A.4 Acting on Data">§ A.4 Acting on Data</a> <a href="#ref-for-dfn-actor-51" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-52" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-53" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-54" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-55" title="Reference 6">(6)</a> <a href="#ref-for-dfn-actor-56" title="Reference 7">(7)</a> <a href="#ref-for-dfn-actor-57" title="Reference 8">(8)</a> <a href="#ref-for-dfn-actor-58" title="Reference 9">(9)</a> <a href="#ref-for-dfn-actor-59" title="Reference 10">(10)</a> <a href="#ref-for-dfn-actor-60" title="Reference 11">(11)</a> <a href="#ref-for-dfn-actor-61" title="Reference 12">(12)</a> 
     </li><li>
-      <a href="#ref-for-dfn-actor-63" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-actor-64" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-65" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-66" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-67" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-68" title="Reference 6">(6)</a> <a href="#ref-for-dfn-actor-69" title="Reference 7">(7)</a> 
+      <a href="#ref-for-dfn-actor-62" title="§ C. Best Practices Summary">§ C. Best Practices Summary</a> <a href="#ref-for-dfn-actor-63" title="Reference 2">(2)</a> <a href="#ref-for-dfn-actor-64" title="Reference 3">(3)</a> <a href="#ref-for-dfn-actor-65" title="Reference 4">(4)</a> <a href="#ref-for-dfn-actor-66" title="Reference 5">(5)</a> <a href="#ref-for-dfn-actor-67" title="Reference 6">(6)</a> 
     </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-first-party" aria-label="Links in this document to definition: first party">
@@ -3388,9 +3373,9 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-data-34" title="§ 2.7 Collective Privacy">§ 2.7 Collective Privacy</a> <a href="#ref-for-dfn-data-35" title="Reference 2">(2)</a> <a href="#ref-for-dfn-data-36" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-data-37" title="§ 2.14 Non-Retaliation">§ 2.14 Non-Retaliation</a> <a href="#ref-for-dfn-data-38" title="Reference 2">(2)</a> <a href="#ref-for-dfn-data-39" title="Reference 3">(3)</a> 
+      <a href="#ref-for-dfn-data-37" title="§ 2.13 Non-Retaliation">§ 2.13 Non-Retaliation</a> <a href="#ref-for-dfn-data-38" title="Reference 2">(2)</a> <a href="#ref-for-dfn-data-39" title="Reference 3">(3)</a> 
     </li><li>
-      <a href="#ref-for-dfn-data-40" title="§ 2.15 Support Choosing Which Information to Present">§ 2.15 Support Choosing Which Information to Present</a> 
+      <a href="#ref-for-dfn-data-40" title="§ 2.14 Support Choosing Which Information to Present">§ 2.14 Support Choosing Which Information to Present</a> 
     </li><li>
       <a href="#ref-for-dfn-data-41" title="§ A.2 Contexts">§ A.2 Contexts</a> 
     </li><li>
@@ -3526,9 +3511,9 @@ <h1 id="title" class="title">Privacy Principles</h1>
     </li><li>
       <a href="#ref-for-dfn-process-25" title="§ 2.7 Collective Privacy">§ 2.7 Collective Privacy</a> <a href="#ref-for-dfn-process-26" title="Reference 2">(2)</a> <a href="#ref-for-dfn-process-27" title="Reference 3">(3)</a> <a href="#ref-for-dfn-process-28" title="Reference 4">(4)</a> <a href="#ref-for-dfn-process-29" title="Reference 5">(5)</a> <a href="#ref-for-dfn-process-30" title="Reference 6">(6)</a> 
     </li><li>
-      <a href="#ref-for-dfn-process-31" title="§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.12 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
+      <a href="#ref-for-dfn-process-31" title="§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections">§ 2.11 Consent, Withdrawal of Consent, Opt-Outs, and Objections</a> 
     </li><li>
-      <a href="#ref-for-dfn-process-32" title="§ 2.14 Non-Retaliation">§ 2.14 Non-Retaliation</a> <a href="#ref-for-dfn-process-33" title="Reference 2">(2)</a> 
+      <a href="#ref-for-dfn-process-32" title="§ 2.13 Non-Retaliation">§ 2.13 Non-Retaliation</a> <a href="#ref-for-dfn-process-33" title="Reference 2">(2)</a> 
     </li><li>
       <a href="#ref-for-dfn-process-34" title="§ A.3 Server-Side Actors">§ A.3 Server-Side Actors</a> <a href="#ref-for-dfn-process-35" title="Reference 2">(2)</a> 
     </li><li>