- From: David Wainberg <dwainberg@appnexus.com>
- Date: Fri, 20 Jan 2012 18:22:59 -0500
- To: Jonathan Mayer <jmayer@stanford.edu>
- CC: Kevin Smith <kevsmith@adobe.com>, David Singer <singer@apple.com>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
On 1/20/12 3:34 PM, Jonathan Mayer wrote: > This is the clearest articulation I've seen of what "cross-site tracking" might mean. Thanks, Kevin. > > I would offer three criticisms of the approach. > > First, it does nothing to simplify definitions: it requires defining what qualifies for a silo (= party), and it requires defining which silo is applicable in a given context (= first party vs. third party). In fact, it is trivial to recast the proposal into our current analytical approach: an exception for all data that is siloed per-first party. I disagree. I think it requires only defining "cross-site" and "cross-site tracking". Once data collected across sites is combined, it becomes "cross-site". This makes it very simple. I understand there will be some interest in guidelines around the adequate segregation of the data. > > Second, as Rigo and David note, the approach relies far too extensively on siloing. There are myriad effective ways of linking user records that do not share an identifier. (See all the research my lab and others have done on re-identification and how third parties can identify a user.) While I'm not overly comfortable with the extent to which the outsourcing exception relies on siloing, at least outsourced services have, in general, greater market incentives to 1) silo anyways, 2) not game silos, and 3) get security right. Moreover, if an outsourced service does goof on its privacy or security, it may not only lose clients, but it may also face litigation from former clients. We cannot solve this whole problem with DNT. Bad actors will do bad things, regardless of DNT. But one thing we can do with DNT is to create incentives for minimizing data collected and retained. Again, this is a reason to focus more on data than on usage. > Third, it does not go far enough in addressing consumer privacy risks. In our proposed non-normative discussion of first vs. third parties, Tom and I identified three motivations for the distinction: user awareness and control of information sharing, market incentives for privacy and security, and collection of data across unrelated websites. The "cross-site tracking" approach only somewhat mitigates the third concern and does nothing to address the first two. Can you explain this further? Why does "cross-site tracking" not solve these problems? >
Received on Friday, 20 January 2012 23:23:26 UTC