W3C home > Mailing lists > Public > public-tracking@w3.org > November 2011

Re: Summary of First Party vs. Third Party Tests

From: David Singer <singer@apple.com>
Date: Fri, 04 Nov 2011 10:05:57 -0700
Message-id: <F670763D-16C7-4FD5-AA4A-83906E656BEF@apple.com>
To: "public-tracking@w3.org Group WG" <public-tracking@w3.org>

On Nov 3, 2011, at 15:15 , Kimon Zorbas wrote:

> 
> Fully support Amy & Shane - common sense applies and also reflects what even European regulators express on distinction between 1st & 3rd parties. Works for us too.
> 

My concern is that the common-sense definition "the first party is the site the user chose to visit and believes that they are visiting, and every other site is third party" (the user is 2nd, natch), is unfortunately not easily determined 100% of the time by either the originator ('browser') or target ('server') of an HTTP request.  And therefore by using such a definition, we'll encourage the more…adventurous…to move into that grey area.

I am toying with saying that everyone has a DNT obligation, until the user interacts.  I fear that that will result in an increase of mis-leading clickable objects (weak click-jacking).

David Singer
Multimedia and Software Standards, Apple Inc.
Received on Friday, 4 November 2011 18:09:58 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:22 UTC