W3C home > Mailing lists > Public > public-tracking@w3.org > February 2012

Re: Deciding Exceptions (ISSUE-23, ISSUE-24, ISSUE-25, ISSUE-31, ISSUE-34, ISSUE-49)

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Tue, 7 Feb 2012 20:02:57 -0800
Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-Id: <47EFF355-845D-4CDB-926B-48EE8B038402@stanford.edu>
To: Roy T. Fielding <fielding@gbiv.com>
There are two ways in which a website might collect information.  Some information is "passively collected," in the sense that it's necessarily included in HTTP and other protocols.  Given that the standard will allow third parties to directly connect to DNT-enabled clients, the exception covering that information will necessarily impose retention and use limits, not collection limits.  Other information is "actively collected," in the sense that it would not be sent unless a website caused it to be sent (e.g. cookies, in some cases Request-URI).  The standard can and should require third parties to not engage in some forms of active collection.

To be sure, servers do on occasion receive connections from user agents they have no interest in communicating with, or receive non-protocol information that they did not cause to be sent.  Some time ago Justin Brookman and I kicked around the possibility of an exception addressing these issues.  I remain all for it.

As for why collection of a user's browsing history across unrelated sites is a privacy issue, it's been discussed many times in the group, and I imagine the list archives have at least a few discussions on the topic.  I fully recognize that many industry participants disagree and find that the only privacy issue is personalization use of data.

Jonathan

On Feb 7, 2012, at 6:29 PM, Roy T. Fielding wrote:

> On Feb 6, 2012, at 5:56 PM, Jonathan Mayer wrote:
> 
>> In the interest of keeping things readable, here's a consolidation of issues on the thread and my responses.
> 
> ...
> 
>> 7) Where's the privacy problem if we prevent profiling?
>> 
>> Shane:
>>> [W]hat are the counter arguments . . . for allowing the already stated exceptions?  Especially since none of these allow the profiling (tracking) of a user's activities into a profile for use to alter the user's experience.
>> 
>> Roy:
>>> I am not following the part where it is assumed server-side frequency capping cannot be done while preserving privacy. If we are assuming that the server is a good actor, then there should be ways to store the data such that it is no more of a privacy concern than using the network.
>> 
>> I believe a third party's collection of a user's browsing history across unrelated websites poses serious privacy risks to users.  From the group's conversations, it's clear that I'm far from alone in that assessment.
> 
> You defined collection as merely receiving the information.  The user is
> sending the information across the network.  Therefore, the third party
> will collect it regardless of our protocol.  Retention, however, can be
> limited in such a way that the user's browsing history cannot be discovered
> from the data retained for frequency capping.  Is that sufficient?  If not, why?
> 
> ....Roy
Received on Wednesday, 8 February 2012 04:06:30 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:24 UTC