- From: Dobbs, Brooks <bdobbs@doubleclick.net>
- Date: Mon, 19 May 2003 14:25:42 -0400
- To: "'Humphrey, Jack'" <JHumphrey@coremetrics.com>, public-p3p-spec@w3.org
I think the example Jack raises is exactly what I am trying to get at. If a cookie value is set to a consumer loyalty card # for company XYZ and company XYZ has a CRM database with name, address, phone and email tied to the loyalty number, the correct disclosure (IMHO) is NOT UNI but rather PHY, UNI and ONL (so far as categories are concerned). Again if we are talking about "linked to" - isn't a loyalty card # almost by definition the linking element within a CRM? What this all boils down to is, if the data collector declares a purpose that requires identity, then they obviously HAVE the identity. If you claim that you are going to telemarket to me, you have my phone number. I think that it is now generally understood that the actual phone number won't be stored as the clear text value within the cookie but rather referenced through a UNI value of the cookie. To the data subject it doesn't matter if you reference using phone #, loyalty #, credit card # or a SSN so long as the intent or the data construct is to use the value to reference other data (though clearly for some these you may need to go past simply UNI even for the reference string itself). The purpose of the analysis is to propose possible guidelines on UAs to take some form of action on impossible or incorrect policies (likely treatment as though there were no policy). -Brooks Brooks Dobbs Director of Privacy Technology DoubleClick, Inc. office: 404.836.0525 fax: 404.836.0521 email: bdobbs@doubleclick.net -----Original Message----- From: Humphrey, Jack [mailto:JHumphrey@coremetrics.com] Sent: Monday, May 19, 2003 1:22 PM To: 'Dobbs, Brooks'; public-p3p-spec@w3.org Subject: RE: potenial requirement/guidelines on acceptable Purpose / Categ ory combinations Brooks, FWIW, I can think of counter-examples for IVA/IVD. On a retail site, you might enter a customer loyalty ID from a card given to you at a physical store, which would then be stored in or linked to a cookie. I don't think that ID belongs to any of the categories you listed, but it could be used on the back-end for IVA/IVD purposes. I wasn't on the UA call, so I'm curious -- what's the purpose of this analysis? Jack Humphrey Development Manager, Coremetrics -----Original Message----- From: Dobbs, Brooks [mailto:bdobbs@doubleclick.net] Sent: Friday, May 16, 2003 12:52 PM To: public-p3p-spec@w3.org Subject: UA: potenial requirement/guidelines on acceptable Purpose / Categ ory combinations For once I am actually did something sooner rather than later. I am attaching a useful quote from the spec and then some thoughts on categories that should IMHO be required given certain declared purposes. The thought being, to achieve X purpose, at least Y data is required. P3P Spec 1.0 2.3.2.7 The COOKIE-INCLUDE and COOKIE-EXCLUDE elements A cookie policy MUST cover any data (within the scope of P3P) that is stored in that cookie or linked via that cookie. It MUST also reference all purposes associated with data stored in that cookie or enabled by that cookie. In addition, any data/purpose stored or linked via a cookie MUST also be put in the cookie policy. It therefore follows that if you declare any of the following purposes that deal in identified individuals you would need to have (either directly or linked via that cookie) one of the listed categories: Individual-Analysis, IVA: Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. For example, an online Web site for a physical store may wish to analyze how online shoppers make offline purchases. * Physical * Online * Financial * Purchase * Government RATIONAL: This purpose requires "identified data". While it is possible to have other categories associated with an identified subject, the actual identification is impossible without a data element associated with one or more of the above categories. Individual-Decision, IVD: Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. For example, an online store suggests items a visitor may wish to purchase based on items he has purchased during previous visits to the Web site. * Physical * Online * Financial * Purchase * Government RATIONAL: This purpose requires "identified data". While it is possible to have other categories associated with an identified subject, the actual identification is impossible without a data element associated with one or more of the above categories. Contact, CON: Contacting Visitors for Marketing of Services or Products: Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. This does not include a direct reply to a question or comment or customer service for a single transaction -- in those cases, would be used. In addition, this does not include marketing via customized Web content or banner advertisements embedded in sites the user is visiting -- these cases would be covered by the , and , or and purposes. * Physical * Online RATIONAL: Logic dictates that to contact an individual the initiator of the contact would possess a data element identifying the individual in a place where he or she would be contacted - either the online or offline worlds. This would presuppose elements contained by one of the above categories. Telemarketing, TEL: Contacting Visitors for Marketing of Services or Products Via Telephone: Information may be used to contact the individual via a voice telephone call for promotion of a product or service. This does not include a direct reply to a question or comment or customer service for a single transaction -- in those cases, would be used. * Physical RATIONAL: Again logic dictates that if you are going to contact someone via telephone, you at least have a data element that contains phone numbers. These data elements should all be within the Physical category Thoughts? Brooks Dobbs Director of Privacy Technology DoubleClick, Inc. office: 404.836.0525 fax: 404.836.0521 email: bdobbs@doubleclick.net
Received on Monday, 19 May 2003 14:25:50 UTC