W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2010

Re: do not track list?

From: Rigo Wenning <rigo@w3.org>
Date: Thu, 18 Nov 2010 12:07:08 +0100
To: Karl Dubost <karld@opera.com>
Cc: "Chappelle, Kasey, VF-Group" <Kasey.Chappelle@vodafone.com>, "Thomas Roessler" <tlr@w3.org>, public-privacy@w3.org
Message-Id: <201011181207.15482.rigo@w3.org>
Karl, 

On Wednesday 17 November 2010 15:22:02 Karl Dubost wrote:
> Usually, site owners who have a commercial interests want to know, number
>  of visits, from where, rebound ratio, frequency etc. If we are millions of
>  visitors of this Web site, and they are aggregating the raw numbers of
>  hits during the day. Our own individual data is drowned into the mass. Now
>  if you visit a Web site which has only a few visitor a day. Your own data
>  becomes a source of identification.
> 
 
Concerning the context: 
1/ You're right
2/ You're not right anymore at the very moment, an ID is or can be acquired 
with the data. Because from there on, the ID allows you to put a magnifying 
glass on this one user in the middle of the crowd whatever the context is. And 
our computers are powerful enough to keep the focus on that one individual. An 
ID can be as simple as an IPv6 address. That's why the germans clearly say 
you're identifiable as long as such an ID can be found and tied to a trail. 

One of the bigger issues is whether users trust those services doing the stuff 
that they claim to do. E.g. not tracking if the "notracking" bit is set. "We 
are aggregating" is one assertion. "We are aggregating and we throw all the 
raw logs away" is another. The counts that Lorrie Cranor found were not really 
comforting as an average of 60% of P3P policies contradicted the legal privacy 
policies (aka make IE happy cookies). 
Telling things via a tool is the same then telling things via a web page. So 
IMHO making false statements in P3P policies or web pages may both be seen as 
deception and trigger damages. But privacy enforcement is an issue around the 
global because of the grey area fields in data protection.
And here the "no tracking" does something very intelligent. It is a message 
from the user to the service. "Do not track me". And the service can honor the 
request from the user.. or not. There is no legal means to force the service 
to honor a bit sent from the user. 

And there goes your difference. From a legal point of view donottrack is even 
weaker than P3P that was already accused of not doing much (but I still 
maintain that it did matter and changed much). 

So there is a combination of how a protocol is designed and what legal 
consequences can be derived from a protocol. 

And that's why I think W3C Members may reach out to the folks and invite them 
to have real interdisciplinary discussions starting. This is at the same time 
a good test whether the http://donottrack.us/ is just a nice marketing stunt 
to impress the US regulator. 

What do you think?

Rigo


Received on Thursday, 18 November 2010 11:07:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 18 November 2010 11:08:00 GMT