- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Fri, 04 Nov 2011 01:37:05 +0100
- To: Rigo Wenning <rigo@w3.org>
- Cc: public-tracking@w3.org
* Rigo Wenning wrote: >Add one minority opinion that says that the distinction between first and >third parties is too complex. This mixes technical and legal consideration >into an indigestible brewing. It will make implementation on the service side >too complex. It will create risk and ambiguity. > >I would rather tone down the compliance requirements for all and not >distinguish between first and third parties to avoid the difficult >distinctions. (I can generate a number of challenging distinctions on demand) > >I also believe that this will create a race into being a first party and that >every ambiguity will be used to become a first party. At the end of the day, >everybody will be a first party by contract or other virtue. My impression is that the Working Group has heard most of the important arguments on whether to, and to what extent, make a distinction between first and third parties, but the Working Group has yet to formulate the problem it actually wants to solve, so we can't evaluate arguments here with respect to whether one thing or the other brings us closer to the goal that was agreed upon. Amy Colando for instance argues that without the distinction there may be a loss of functionality for DNT users which in turn may discourage usage and deployment. But the group so far has not said that a goal is to maximize usage and deployment. The group could define that "DNT: 1" means the logic that decides which content to deliver to a user doesn't make use of information on which web sites the user has visited. That, I'd think, would be popular with most, but then the mechanism would not necessarily affect tracking. So if that was the definition, all content deliverers comply, and all users who have this preference turn DNT on, then usage and deployment would be maximized, but the group would have failed to deliver anything to meaningfully express tracking preferences. Rigo Wenning's last argument, as another example, basically formulates the goal that the mechanism must resist saboteurs. As I understand it, his argument is that if the group was to say, dnt first/third party is the same as cookie first/party, everybody would adapt their dns confi- guration to monitor people's online behavior over their objections. It seems to me that saboteur-resistance, if needed, cannot be provided by this Working Group. It doesn't really matter if they abuse the third/ first party distinction or some exemption or some other ambiguity. So I don't find that a good argument either. In effect it is saying the distinction would negatively impact "in spirit" deployment, but as be- fore, the Working Group has not decided how important deployment is. The Working Group may very well find that the goal is to support a few good actors who want to use data for some good purpose but do not want to use data from users who object to that, in which case wide deploy- ment isn't very important, but detailed technical discussion of, say, data minimization techniques would be very important. I think it would be premature to decide on this question before there is an adequate formulation of the problem the group seeks to address, one where we could argue about whether some measure or other brings us closer to that goal or not, without everyone having their own goalpost. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Friday, 4 November 2011 01:04:21 UTC