W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

Re: ISSUE-5: What is the definition of tracking?

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Tue, 25 Oct 2011 23:48:25 -0700
Cc: David Wainberg <dwainberg@appnexus.com>, Sean Harvey <sharvey@google.com>, "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-Id: <5C1481F8-0E60-4A91-90B4-BF3F8A04E279@stanford.edu>
To: Karl Dubost <karld@opera.com>

On Oct 25, 2011, at 7:04 PM, Karl Dubost wrote:

> 
> Le 25 oct. 2011 à 21:17, Jonathan Mayer a écrit :
>> Organizational boundaries are a cornerstone of many areas of regulatory law and policy.  They enable market signals, consumer choices, business pressures, and government enforcement for countless product qualities.
> 
> I do not understand what you mean here.

It was a circuitous way of saying the profoundly obvious: organizational boundaries are used a lot, and matter a lot, in regulation.

> 
>> Organizational boundaries are particularly important for online privacy: organizations have widely varying incentives surrounding user data, and user data is very easy to use and copy.  One of the most effective privacy choices available to a consumer - which turns up in countless privacy regulations in the U.S. and elsewhere - is a limit on which organizations have unfettered access to their data in the first place.
> 
> Concrete and practical example?

Here's a case I suspect we'll be talking about frequently.  Suppose I log into Example Website, and I run a query for Example Thing.  I'm comfortable with Example Website knowing I'm interested in Example Thing.  Example Website is a large, public-facing company that goes to great lengths to protect its users' data and makes enforceable commitments to not use its users' data save in a few commonly accepted ways.  While I'm on Example Website learning about Example Thing, an ad loads from Shady Advertising Network.  I've never heard of Shady Advertising Network.  They have a goofy-sounding name.  They're under scant public pressure to adequately protect my data, not use my data in ways I don't approve of, or not share my data.  And I really, really don't want others to know I'm into Example Thing.  I don't trust Shady Advertising Network, and so I'd like to impose some restrictions on the company's interaction with my data.  That's a user decision that maps to organizational boundaries.

Again, I don't think I'm saying anything particularly non-obvious or controversial.

> -- 
> Karl Dubost - http://dev.opera.com/
> Developer Relations & Tools, Opera Software
> 
Received on Wednesday, 26 October 2011 06:49:04 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:22 UTC