RE: Big PING Ideas

Stopping 3rd party cookies, e.g. ITP, mitigates much of the privacy threats from ping attributes, and script based link click reporting like beacons, xhr etc. 

It still leaves tracking based on 1st party UIDs (via 3rd party supplied script)  but letting responsible sites specify overall duration would help, especially if supported by browser implemented defaults.

Mike



-----Original Message-----
From: Rigo Wenning <rigo@w3.org> 
Sent: 30 April 2019 09:44
To: public-privacy@w3.org
Cc: David Singer <singer@apple.com>; Nick Doty <npdoty@ischool.berkeley.edu>; Pete Snyder <psnyder@brave.com>
Subject: Re: Big PING Ideas

On Montag, 15. April 2019 23:35:46 CEST David Singer wrote:
> > I think that’s exactly the right question to be thinking about: just 
> > mitigating against the problems introduced by new features is 
> > neither as satisfying nor as productive as exploring how we can 
> > improve user privacy on the platform generally.

> Yes.  This is my plea:  Design or Re-design for privacy.  It’s not a 
> back-end check by a few PING people.

Privacywise, DNT wasn't a big deal. So far, even that was rejected by the major players as it would have some tiny impact on the ad goldrush. And now it's legal value is caught in a deadlock between the publishing industry and IT corps dominating the current state of play on the Web. 
Most of the industry players do not understand privacy - by - design at all and confuse it with fundamentalist data minimization.

Concerning privacy by design, for the moment, I see the clear opposite
happening: 
https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing

What else would you need for perfect monitoring? Why would I do complex fingerprinting if a get all I want on a silver tablet?

Note that this is NOT a W3C specification. 

 --Rigo

Received on Tuesday, 30 April 2019 16:39:47 UTC