Re: cross-site tracking and what it means

On 1/18/12 8:56 PM, Jonathan Mayer wrote:
>> - 3rd party as a Service Provider:  Able to ignore DNT if service is for a 1st party and 3rd party has no independent rights to use this information across sites (legal and technical protections)
> There was consensus at Santa Clara that the outsourcing exception requires both legal and technical precautions.  There was not consensus about what those precautions are against, either 1) collecting data that could be correlated across first parties, or 2) commingling data across first parties.  David's draft text proposes the former rule (which de facto encapsulates the latter rule), and I am in support.
I do not recall consensus on this. Wasn't there dissent regarding the 
feasibility of such precautions? My view is that legal requirements in 
this technical standard are not workable.
>> - 1st party in a 3rd party context (Widgets):  1st party is present on a 3rd party site and would act as a 3rd party unless the user "meaningfully interacts" with a branded component which at that point they fall under 1st party rules (need to vet the use cases here in more detail but I believe the group has made good progress here)
> I believe there is consensus on how the most common widget use cases should turn out.  There appeared to be consensus on the list and in calls to apply a user expectations test to borderline cases, but that consensus may no longer exist.
No, I don't think we had consensus that a "user expectations" test 
should be used. A user expectations standard is absolutely unworkable 
for companies trying to implement. From my conversations with others in 
industry, the one thing almost everyone says they want out of DNT is 
clarity. The ambiguity of a user expectations test would, in my view, be 
a disaster.

Received on Thursday, 19 January 2012 15:46:38 UTC