- From: CVS User npdoty <cvsmail@w3.org>
- Date: Wed, 06 Mar 2013 23:31:50 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv20607
Modified Files:
tracking-compliance.html
Log Message:
moving latest Strawman to editors' draft position; fixed commenting and other minor bugs; noted former editors
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2012/10/30 23:39:24 1.86
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2013/03/06 23:31:50 1.87
@@ -8,19 +8,21 @@
var respecConfig = {
specStatus: "ED",
shortName: "tracking-compliance",
- previousPublishDate: "2012-05-23",
+ previousPublishDate: "2012-10-30",
previousMaturity: "ED",
- previousURI: "http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-20120523.html",
+ previousURI: "http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-20121030.html",
edDraftURI: "http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html",
editors: [
{ name: "Justin Brookman", url: "http://cdt.org/",
company: "CDT", companyURL: "http://cdt.org/" },
- { name: "Sean Harvey", url: "http://google.com/",
- company: "Google", companyURL: "http://google.com/" },
- { name: "Erica Newland", url: "http://cdt.org/",
- company: "CDT", companyURL: "http://cdt.org/" },
{ name: "Heather West", url: "http://Google.com/",
company: "Google", companyURL: "http://google.com/" },
+ { name: "Sean Harvey", url: "http://google.com/",
+ company: "Google", companyURL: "http://google.com/",
+ note: "until June 2012" },
+ { name: "Erica Newland", url: "http://cdt.org/",
+ company: "CDT", companyURL: "http://cdt.org/",
+ note: "until May 2012" },
],
wg: "Tracking Protection Working Group",
wgURI: "http://www.w3.org/2011/tracking-protection/",
@@ -43,16 +45,12 @@
<section id="sotd">
<p>
- This document is an editors' strawman reflecting a snapshot of live
- discussions within the
+ This document is a significantly streamlined version of the compliance
+ spec that was discussed at the Cambridge face-to-face meeting of the
<a href="http://www.w3.org/2011/tracking-protection/">Tracking Protection
- Working Group</a>. It does not yet capture all of our work. For
- example, we have issues that are [PENDING REVIEW] with complete text
- proposals that have not yet made it into this draft. Text in blue boxes
- presents multiple options the group is considering. Options included in
- this draft should not be read as limitations on the potential outcome,
- but rather simply as possible options that are currently under
- consideration by the working group. An
+ Working Group</a> on Feburary 11-13, 2013. This language reflects the editors
+ effort to simplify existing text and has not been formally adopted by the
+ Working Group. An
<a href="http://www.w3.org/2011/tracking-protection/track/issues/">issue
tracking system</a> is available for recording
<a href="http://www.w3.org/2011/tracking-protection/track/issues/raised">raised</a>,
@@ -68,10 +66,10 @@
<h2>Introduction</h2>
<p class="note">
- This introduction will be re-worked after details of substantive text
+ The introduction will be re-worked after details of substantive text
is closer to being finalized.
</p>
- <p>
+ <!-- <p>
The World Wide Web (WWW, or Web) consists of millions of sites
interconnected through the use of hypertext. Hypertext provides a
simple, page-oriented view of a wide variety of information that can be
@@ -88,7 +86,7 @@
interaction with the user even though the pages might be composed of
information requested from many different and possibly independent Web
sites. From the user's perspective, they are simply visiting and
- interacting with a single brand -- the first-party Web property -- and
+ interacting with a single brand — the first-party Web property — and
all of the technical details and protocol mechanisms that are used to
compose a page representing that brand are hidden behind the scenes.
</p>
@@ -144,19 +142,17 @@
or non-compliance with the user's expressed preference, and JavaScript
APIs for determining DNT status and requesting a site-specific,
user-granted exception.
- </p>
+ </p> -->
</section>
<section id="scope-and-goals">
<h2>Scope and Goals</h2>
<p class="issue" data-number="6" title="What are the underlying concerns? Why are we doing this?">
- This section consists of proposed text that is meant to address ISSUE-6
- and is in active discussion. Currently, it satisfies no one. Like the
- introduction, we will revisit and finalize once the document is more
- complete.
+ This section will be re-worked after details of substantive text
+ is closer to being finalized.
</p>
- <p>
+ <!-- <p>
While there are a variety of business models to monetize content on the
web, many rely on advertising. Advertisements can be targeted to a
particular user's interests based on information gathered about one's
@@ -227,7 +223,7 @@
technology neutral, and [something that speaks with the ability to opt
back in], but that preserves a vibrant online ecosystem,
privacy-preserving secondary data uses, and adequate security measures.
- </p>
+ </p> -->
</section>
<section id="definitions">
@@ -245,7 +241,7 @@
-->
<p>
- A user is an individual human. When user-agent software accesses
+ A <dfn>user</dfn> is an individual human. When user-agent software accesses
online resources, whether or not the user understands or has specific
knowledge of a particular request, that request is made "by" the
user.
@@ -260,7 +256,7 @@
-->
<p>
- This specification uses the term user agent to refer to any of the
+ This specification uses the term <dfn>user agent</dfn> to refer to any of the
various client programs capable of initiating HTTP requests,
including but not limited to browsers, spiders (web-based robots),
command-line tools, native applications, and mobile apps [[!HTTP11]].
@@ -282,44 +278,27 @@
<p class="note">Dsinger has asked to add something about the responsibility
following the data</p>
-->
- <!-- I have shuffled this language around for clarity and simplicity,
- but it should retain the same meaning. Previous language retained in
- comments. -->
-
- <section class="option" id="def-party-1">
- <h4>Option 1</h4>
-
- <p>
- A <dfn>party</dfn> is any commercial, nonprofit, or governmental
- organization, a subsidiary or unit of such an organization, or a
- person which acts as a functional entity. A set of functional
- entities is considered affiliated when they are related by both
- common majority ownership and common control, and affiliation is
- made easily discoverable by a user.
- </p>
- </section>
-
- <section class="option" id="def-party2">
- <h4>Option 2</h4>
+ <!-- Justin, 2.1.13: The two definitions were so close that I just decided
+ to merge them. -->
<p>
A <dfn>party</dfn> is any commercial, nonprofit, or governmental
- organization, a subsidiary or unit of such an organization, or
+ organization, a subsidiary or unit of such an organization, or
a person. For unique corporate entities to qualify as a common
- party with respect to this document, those entities MUST be
- commonly owned and commonly controlled (Affiliates) and MUST
- provide “easy discoverability” of affiliate organizations. An
- “Affiliate List” MUST be provided within one click from each
- page or the entity owner clearly identified within one click
+ party with respect to this document,those entities MUST be
+ commonly owned and commonly controlled and MUST
+ provide easy discoverability of affiliate organizations. An
+ list of affiliates MUST be provided within one click from each
+ page or the entity owner clearly identified within one click
from each page.
</p>
- <p class="example">
+ <!-- <p class="example">
A website with a clear labeled link to the Affiliate List within
the privacy policy would meet this requirement or the ownership
brand clearly labeled on the privacy policy itself and may choose
- to act as a single party.
- </p>
- </section>
+ to act as a single party. -->
+ </p></section>
+
<!--
A <dfn>functional entity</dfn> is any commercial, nonprofit, or governmental
organization, a subsidiary or unit of such an organization, or a person.
@@ -361,20 +340,32 @@
prominent and common branding by a functional entity of affiliation on its
webpages, within a privacy policy linked from its webpages, or a
machine-readable format in a well-known location.</p>
+</section>
</section>
-</section>
--->
- </section>
+
+ </section> -->
<section id="def-service-providers">
- <h4>Service Providers/Outsourcers</h4>
+ <h4>Service Providers</h4>
- <p class="note">
- We seem to have general consensus in theory but not in language for
- the definition of a service provider. However, the three options
- below different significantly in how prescriptive and demanding the
- test to qualify as a service provider should be.
+
+
+ Outsourced service providers are considered to be the same party as their
+ clients if the outsourced service providers only act as data processors on
+ behalf of that party in relation to that party, silo the data so that it
+ cannot be accessed by other parties, and have no control over the use or
+ sharing of that data except as directed by that party.
+
+ <p class="note">
+ The working group is continuing to fine tune the defintion of service
+ provider. The above language is not consensus.
</p>
+
+ <!--- Justin, 2.1.13: I could not just comment out three options, so I
+ deleted them entirely. However, we can find them in previous drafts if
+ necessary. -->
+
+ <p> </p>
<!-- <p class="note">Ensure that third party can act as a third party,
or as a first party within section</p>
<p class="note">hwest to propose an alternative definition of first
@@ -382,340 +373,31 @@
http://www.w3.org/2012/07/11-dnt-minutes.html#action01]</p>
-->
- <section class="option" id="def-service-providers-opt-1">
- <h3>Option 1: Service Provider/Outsourcer Definition</h3>
-
- <p class="note">
- This option contains both definitions and normative compliance
- requirements.
- </p>
- <p>
- This section applies to parties engaging in an outsourcing
- relationship, wherein one party "stands in the shoes" of another
- party to perform a specific task. Both parties have
- responsibilities, as detailed below.
- </p>
- <p>
- A <a>first party</a> or a <a>third party</a> MAY outsource
- functionality to another <a>party</a>, in which case the <a>third
- party</a> may act as the original <a>first party</a> or <a>third
- party</a> under this standard, with the following additional
- restrictions:
- </p>
- <ul>
- <li>Data collected by each outsourced company is separated for each
- party they collect data for by both technical means and
- organizational process, AND</li>
-
- <li>The outsourced company has no independent rights to the
- collected information, AND</li>
-
- <li>A contractual relationship exists between the outsourced and
- the party they collect data for that outlines and mandates these
- requirements.</li>
- </ul>
- <p>
- An outsourced company acting on the behalf of another party is
- subject to all of the same restrictions on that party (for First or
- Third party, as appropriate.)
- </p>
-
- <section class="informative">
- <h2>Non-Normative</h2>
-
- <p class="informative">
- Outsourced companies that act purely as vendors for their
- customers (often first parties in this context) are not the
- intended target for the Tracking Preference Expression but it is
- important there are no unintended activities that are extended to
- another party through this allowance. In all cases, its expected
- an outsourced company acting on the part of a customer follows
- all of the same restrictions placed on that customer.
- </p>
- <p>
- For the data separation requirement, outsourced companies have
- technical options to achieve appropriate separation but in each
- the critical element is that data is never reconstituted for
- users that have indicated a preference not to be tracked. One
- possible approach would be to leverage a per partner hash against
- a common cookie identifier, ensuring the resulting identifier is
- consistent for a specific customer, but is unable to be linked
- with another customer’s identifier.
- </p>
- <p>
- Contractual requirements that enforce data rights and
- responsibilities for separation are a critical element of
- establishing an outsourcer acting on another party’s behalf.
- Contracts may occur directly through parties (for example, a
- Publisher in an Ad Network) or between intermediaries (for
- example, an Ad Network acting through an Ad Exchange). In either
- case, data separation and removal of independent rights are
- necessary elements that must survive intermediary contractual
- constructs.
- </p>
- </section><!-- closes non-normative, h2 -->
-
- <section>
- <h2>Technical Precautions</h2>
-
- <p>
- Throughout all data <a>collection</a>, <a>retention</a>, and
- <a>use</a>, outsourced parties MUST use all feasible technical
- precautions to both mitigate the identifiability of and prevent
- the identification of data from different first parties.
- </p>
- <p>
- Structural separation ("siloing") of data per first party,
- including both
- </p>
- <ol>
- <li>separate data structures and</li>
- <li>avoidance of shared unique identifiers</li>
- </ol>
- <p>
- are necessary, but not necessarily sufficient, technical
- precautions.
- </p>
- </section><!-- closes technical precautions, h2 -->
-
- <section class="informative">
- <h2>Non-Normative Discussion</h2>
-
- <section>
- <h3>Siloing in the Browser</h3>
-
- <p>
- Outsourcing services should use browser access control features
- so that stored data specific to one party is never accessed or
- collected when the user visits another party.
- </p>
-
- <section>
- <h4>Same-Origin Policy</h4>
-
- <p>
- The same-origin policy silos stored data by domain name. An
- outsourcing service can use a different domain name for each
- first party.
- </p>
- <pre class="example">
- Example Analytics provides an outsourced analytics service to Example News
- and Example Sports, two unrelated websites. Example Analytics stores its
- cookies for Example News at examplenews.exampleanalytics.com, and it
- stores its cookies for Example Sports at
- examplesports.exampleanalytics.com.
-</pre>
- </section><!-- closes same origin policy, h4 -->
-
- <section>
- <h4>Cookie Path Attribute</h4>
-
- <p>
- The HTTP cookie path can be used to silo data to a first
- party.
- </p>
- <pre class="example">
- Example Analytics stores its cookies for Example News with
- "Path=/examplenews", and it stores its cookies for Example Sports with
- "Path=/examplesports".
-</pre>
- </section><!-- closes cookie path attribute, h4 -->
-
- <section>
- <h4>Storage Key</h4>
-
- <p>
- For key/value storage APIs, such as Web Storage and Indexed
- Database, an outsourcing service can use a different key or
- key prefix for each first party.
- </p>
- <pre class="example">
- Example Analytics stores data for Example News at
- window.localStorage["examplenews"] and data for Example Sports at
- window.localStorage["examplesports"].
-</pre>
- </section><!-- closes storage key, h4 -->
- </section><!-- closes siloing in the browser, h3 -->
-
- <section>
- <h3>Siloing in the Backend</h3>
-
- <section>
- <h4>Encryption Keys</h4>
-
- <p>
- An outsourcing service should encrypt each <a>first
- party</a>'s data with a different set of keys.
- </p>
- </section><!-- closes encryption keys, h4 -->
-
- <section>
- <h4>Access Controls</h4>
-
- <p>
- An outsourcing service should deploy access controls so that
[1157 lines skipped]
Received on Wednesday, 6 March 2013 23:31:52 UTC