W3C home > Mailing lists > Public > public-tracking@w3.org > November 2011

Re: Issue-17, Issue-51 First party obligations

From: David Wainberg <dwainberg@appnexus.com>
Date: Tue, 29 Nov 2011 12:48:34 -0500
Message-ID: <4ED51AF2.3030908@appnexus.com>
To: Sean Harvey <sharvey@google.com>
CC: Jeffrey Chester <jeff@democraticmedia.org>, JC Cannon <jccannon@microsoft.com>, John Simpson <john@consumerwatchdog.org>, "<public-tracking@w3.org> (public-tracking@w3.org)" <public-tracking@w3.org>
Assuming the data was collected with consent for that purpose, why not?

On 11/29/11 12:39 PM, Sean Harvey wrote:
> to my mind the first party should not be using any third party data 
> for targeting in a DNT-on context, and I thought that was stated 
> elsewhere in the email chain, though I can go back and check.
>
>
>
>
> On Tue, Nov 29, 2011 at 12:26 PM, David Wainberg 
> <dwainberg@appnexus.com <mailto:dwainberg@appnexus.com>> wrote:
>
>     This raises an interesting issue with how this is going to work.
>     If the user engaged DNT after the data was collected, we probably
>     have consensus that prior collected data should not be used.
>     However, if the user had DNT at the time the data was collected,
>     but granted an exception to DNT, the data is ok to be used. The
>     problem is, how does the 1st party know the difference? It will
>     fall on the 3rd party to honor the user's choices, and the 1st
>     party will have to trust them.
>
>
>
>     On 11/29/11 9:50 AM, Jeffrey Chester wrote:
>>     If a DNT system is to work, it must address how first party sites
>>     incorporate third party data and also use ad exchanges.  If a
>>     user has said they do not want to be tracked via a third party
>>     data service, such as eXelate, BlueKai or Experian (for example)
>>     then such user data should not be automatically imported or used
>>     by the First party site.  Sites increasingly mix in-house data
>>     with third party targeting data.  A user should have reasonable
>>     control of this process under DNT.
>>
>>
>>
>>     Jeffrey Chester
>>     Center for Digital Democracy
>>     1621 Connecticut Ave, NW, Suite 550
>>     Washington, DC 20009
>>     www.democraticmedia.org <http://www.democraticmedia.org>
>>
>>     On Nov 28, 2011, at 7:59 PM, JC Cannon wrote:
>>
>>>     John,
>>>     I believe we are already in agreement that DNT will not apply to
>>>     1^st party sites. I understand the need to clarify that 3^rd
>>>     -party sharing will be limited to certain exceptions, but I
>>>     donít want to revisit something we have already agreed on.
>>>     JC
>>>     Twitter <http://twitter.com/jccannon7>
>>>     *From:*John Simpson [mailto:john@consumerwatchdog.org]
>>>     *Sent:*Monday, November 28, 2011 4:47 PM
>>>     *To:*<public-tracking@w3.org <mailto:public-tracking@w3.org>>
>>>     (public-tracking@w3.org <mailto:public-tracking@w3.org>)
>>>     *Subject:*Issue-17, Issue-51 First party obligations
>>>     Colleagues,
>>>     I've been thinking a bit more about the idea of "1st Party"
>>>     obligations if we use the frame of a 1st Party and 3rd Party
>>>     distinction.  It seems clear to me that there is consensus that
>>>     the 1st Party must not share data (some will say there are
>>>     exceptions) with a 3rd party when DNT is enabled.
>>>     It does seem to me there are further obligations.  When I go to
>>>     a 1st party  site and interact with it, I assume it is using my
>>>     information for that transaction.  If I
>>>     have DNT enabled, I don't have ANY expectation that it will
>>>     continue to use that information beyond that transaction.  The
>>>     site should ask me if it can continue to store the information
>>>     and use it beyond that specific visit to the site.
>>>     In other words from my perspective as a user, a 1st Party site
>>>     should treat me as if I had cleared all my cookies the next time
>>>     I visit the site if I have DNT enabled.
>>>     When DNT is enabled, a 1st party should treat each session with
>>>     a user as an entirely new session unless it has been given
>>>     permission to store his information and use it again.
>>>     73s,
>>>     John
>>>     ----------
>>>     John M. Simpson
>>>     Consumer Advocate
>>>     Consumer Watchdog
>>>     1750 Ocean Park Blvd. ,Suite 200
>>>     Santa Monica, CA,90405
>>>     Tel: 310-392-7041 <tel:310-392-7041>
>>>     Cell: 310-292-1902 <tel:310-292-1902>
>>>     www.ConsumerWatchdog.org <http://www.ConsumerWatchdog.org>
>>>     john@consumerwatchdog.org <mailto:john@consumerwatchdog.org>
>>
>
>
>
> -- 
> Sean Harvey
> Business Product Manager
> Google, Inc.
> 212-381-5330
> sharvey@google.com <mailto:sharvey@google.com>
Received on Tuesday, 29 November 2011 17:49:08 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:22 UTC