W3C home > Mailing lists > Public > public-tracking-commit@w3.org > August 2012

WWW/2011/tracking-protection/drafts tracking-compliance.html,1.69,1.70

From: Nick Doty via cvs-syncmail <cvsmail@w3.org>
Date: Tue, 28 Aug 2012 21:01:10 +0000
To: public-tracking-commit@w3.org
Message-Id: <E1T6SuM-0007Oo-Dz@lionel-hutz.w3.org>
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory hutz:/tmp/cvs-serv28369

Modified Files:
Log Message:
re-adding justin's changes, inadvertently overwritten by heather

Index: tracking-compliance.html
RCS file: /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -d -r1.69 -r1.70
--- tracking-compliance.html	28 Aug 2012 20:10:44 -0000	1.69
+++ tracking-compliance.html	28 Aug 2012 21:01:08 -0000	1.70
@@ -806,6 +806,27 @@
 <p>Outside of Security and Frequency Capping, data retained for Permitted Uses MUST NOT be used to alter a specific user's online experience based on multi-site activity.</p>
+<section id="no-persistent-identifiers">
+<h5>No Persistent Identifiers</h5>
+<p class="option">A third party may only collect, use, and retain for permitted uses
+information that a user agent necessarily shares with a web server when it communicates
+with the web server (e.g. IP address and User-Agent), and the URL of the top-level page,
+communicated via a Referer header or other means, unless the URL contains information
+that is not unlinkable (e.g. a username or user ID).</br></br>A third party may not
+collect, use, or retain information that a web server could cause to not be sent but
+still be able to communicate with the user agent (e.g. a cookie or a Request-URI
+parameter generated by the user agent), except the URL of the top-level page, or any data
+added by a network intermediary that the operator of a web server has actual knowledge of
+(e.g. a unique device identifier HTTP header).</p>
+<p class="note">The EFF/Mozilla/Stanford proposal is heavily dependent upon a requirement
+that permitted use data is not correlated to a unique cookie or other persistent
+identifier. This issue remains one of the biggest areas of dispute in the working group,
+as the industry proposal allows for the use of cookies and other unique identifiers by
+third parties despite a DNT:1 instruction.</p>
 <p class="issue" data-number="24" title="Possible permitted use for fraud detection and defense"></p>
 <p class="issue" data-number="25" title="Possible permitted use for research purposes"></p>
Received on Tuesday, 28 August 2012 21:01:11 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:48:55 UTC