W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Considering browser vendor as a third party

From: TOUBIANA, VINCENT (VINCENT) <Vincent.Toubiana@alcatel-lucent.com>
Date: Thu, 7 Jun 2012 01:01:29 +0200
To: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <4D30AC7C2C82C64580A0E798A171B4445337E2B45F@FRMRSSXCHMBSD1.dc-m.alcatel-lucent.com>
In the discussions about first and third parties I do not recall that we considered the browser vendor as a potential tracking entity. But in some cases the browser vendor -- or a service enabled by default in the browser -- could track partially the user to enforce security and/or improve a product.

For instance, starting Chrome 15 Google could collect URLs of potentially risky sites to improve the quality of Safe Browsing and other Google services (see the relevant section from the privacy policy below).
I believe that Google is not using these logs to track users but just to improve Safe Browsing. Also it seems that they delete everything but the URL after two weeks.

Yet, just reading the privacy policy one could understand that Safe Browsing logs could be used to track users.  More generally, I don't think we raised the issue of browser phoning home to send data that could be used for product improvement. In this scenario, I think the browser vendor should be treated as a third party.


Extract of Safe Browsing privacy policies (http://www.google.com/intl/en_us/privacy/browsing.html): 
"In addition, Google Chrome versions 15 and later include Safe Browsing technology that can identify potentially risky sites and executable file downloads not already known by Google. In conjunction with this technology, information regarding a potentially risky site or executable file download, including the full URL of the site or executable file download, may be sent to Google to aid in determining whether the site or download is malicious. Google does not collect any account information or other personally identifying information as part of this contact, but does receive standard log information, including an IP address and one or more cookies."
Received on Wednesday, 6 June 2012 23:02:02 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:50 UTC