RE: ACTION-31: Write up a proposal for a user-agent-managed site-specific exception from TOUBIANA, VINCENT (VINCENT) on 2011-12-22 (public-tracking@w3.org from December 2011)

From: TOUBIANA, VINCENT (VINCENT) <Vincent.Toubiana@alcatel-lucent.com>
Date: Thu, 22 Dec 2011 15:34:06 +0100
To: Dennis Riedel <dennis.riedel@united-internet-media.de>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <4D30AC7C2C82C64580A0E798A171B44448888A80C1@FRMRSSXCHMBSD1.dc-m.alcatel-lucent.c>

If the contracted third parties are covered by an exemption then Wired would not have to ask for user's consent. There seems to be an exemption for siloed third party analytics according to the drafted proposal for Issue 31 sent this morning (http://lists.w3.org/Archives/Public/public-tracking/2011Dec/0193.html).
Wired would only have to ask user consent for third parties that are not covered by exemptions.

Vincent

________________________________
De : Dennis Riedel [mailto:dennis.riedel@united-internet-media.de]
Envoyé : jeudi 22 décembre 2011 14:21
À : public-tracking@w3.org
Objet : Re: ACTION-31: Write up a proposal for a user-agent-managed site-specific exception

I have a question regarding this proposal in relation to what was said about first-party and DNT signal. As Lauren Gelman wrote recently what seems to be derived from the latest discussions:

"A DNT ON user visits Wired. Wired as a first party is the ONLY party that can collect information from the session. It can combine that information with other information it has on the user. Wired must keep info silo'd and CANNOT transfer any info it to third parties. It CAN transfer information per exceptions to outsource certain tasks that are generally accepted as necessary to manage a website (i.e. to service providers for analytics, to service providers to provide content management or user management, even to create user segments based on data collected only on their site). But the Service providers must act in the shoes of the publishers and keep info silo'd on behalf of their clients and cannot use it for any other purpose, or combine it with any data from other clients. Third parties (widgets, ad networks, lots of others yet to be invented) cannot themselves collect information about the user and thus also cannot transfer. If there is a "significant user interaction" that sufficiently triggers a change in users' expectations, they can turn into First Parties. Then they can act under the same rules as applies to Wired."

How does this description fit together with this proposal?

Would Wired have to ask the user for consent using the mechanisms described in this proposal for itself and its contracted 3rd-parties, although all data in this request is processed only for the purpose and use of Wired?

Or is this a seperate discussion for a TPL recommendation not related to the Tracking Compliance and Scope Specification and Tracking Preference Expression (DNT)

Thank you.

Received on Thursday, 22 December 2011 14:34:56 UTC