W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

RE: Towards a Grand Compromise

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Fri, 8 Jun 2012 11:02:59 -0700
To: Jeffrey Chester <jeff@democraticmedia.org>
CC: Jonathan Mayer <jmayer@stanford.edu>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D185908AD@SP2-EX07VS02.ds.corp.yahoo.com>
Jeff,

I absolutely agree that this is an on-going negotiation with compromise on both sides.  I don't believe Jonathan's "Grand" Compromise meets a final balance point with regard to the proposal myself and others presented in DC (I've tried to highlight those below).  Permitted uses will be necessary for several narrowly defined business operations for 3rd parties to remain in business and remove the vast majority of envisioned (although no documented evidence) of harm to consumers.  We'll have an updated version for Seattle.

- Shane

From: Jeffrey Chester [mailto:jeff@democraticmedia.org]
Sent: Friday, June 08, 2012 10:44 AM
To: Shane Wiley
Cc: Jonathan Mayer; public-tracking@w3.org
Subject: Re: Towards a Grand Compromise

I want to weigh in on one aspect.  Privacy and consumer advocates/NGOs working in this W3C group agreed on no default (activate DNT) as part of our hopes for a compromise that would include limits on collection/retention.  We also agreed to take First parties off the table, another major concession in my view to achieve consensus on collection.  There's a package here of give and take.  I hope we conclude these negotiations in that spirit.

Regards,

Jeff


On Jun 8, 2012, at 10:43 AM, Shane Wiley wrote:


Jonathan,

Thank you for evolving the original proposal from DC.  Since you've decided to call this the "Grand Compromise" could you please help me understand where the compromise really is?  After reviewing your key points of "compromise", I'm not really seeing any.

1.       User must expressly activate DNT:  The TPWG decided on this and captured it in draft text over 9 months ago.  No compromise here.
2.       Affiliate 1st Party Definition:  On the surface this appears to be a compromise but once we get to #3 it clearly isn't.
3.       No "Tracking Cookies":  By this I believe your text is focused on cookies with unique identifiers.  Once those unique identifiers are removed then the data becomes "unlinkable".  We've all agreed that "unlinkable" data is outside the scope of the standard and can be shared generously (although I wouldn't personally advise that).  With that in mind, the "Affiliate 1st Party Definition" is meaningless in your context.

I see no mention of Permitted Uses, which the FTC and several EU DPAs have each conceded will be necessary for businesses to remain operational.

In essence, I'm not seeing any real change since your submission in DC.  Can you please help me understand what I'm missing on the "unlinkability" outcome?  I thought this was also your position in DC and have raised that concern in the discussion of "temporary log file retention".  In my opinion, If you don't agree with the complete "unlinkability" outcome, then the "temporary log file retention" discussion isn't helpful.

Happy to learn more of your perspectives here.

Thank you,
- Shane

From: Jonathan Mayer [mailto:jmayer@stanford.edu]
Sent: Thursday, June 07, 2012 10:40 PM
To: public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: Re: Towards a Grand Compromise

We've already received an extraordinary amount of feedback from working group participants on this proposal.  Thanks!

In the interest of keeping revisions sane, I've created a repo on GitHub.  The version control is available at https://github.com/jonathanmayer/dnt-compromise/blob/gh-pages/compromise-proposal.html, and the latest version can be viewed at http://jonathanmayer.github.com/dnt-compromise/compromise-proposal.html.

Jonathan

On Wednesday, June 6, 2012 at 8:06 AM, Jonathan Mayer wrote:
This group has made tremendous progress.  As we enter our second year and look forward to our fifth meeting, we can celebrate achieving hard-won consensus on many difficult topics.

It's time to complete our task.  We have given shape to the several issues at the center of Do Not Track policy, but we have not reached agreement on how to resolve them.  Those issues are, in brief:

1) May a user agent enable Do Not Track by default?

2) May a website share its information with corporate affiliates?

3) May a third-party website continue to set tracking cookies (or use an equivalent technology for collecting a user's browsing history)?

Peter Eckersley (EFF), Tom Lowenthal (Mozilla), and I (Stanford) have iterated on a comprehensive compromise proposal that addresses these issues.  The text draws extensively on prior drafts from multiple constituencies.  It would, in short:

1) Require explicit consent for enabling Do Not Track.

2) Allow affiliate information sharing.

3) Prohibit tracking cookies.

We have received valuable feedback from a number of participant viewpoints, including browser vendors, advertising companies, analytics services, social networks, policymakers, consumer groups, and researchers.  Out of respect for the candid nature of those ongoing conversations, we leave it to stakeholders to volunteer their contributions to and views on this proposal.

As you review the draft, please recognize that it is a compromise proposal.  The document is not a retread of well-worn positions; it reflects extraordinarily painful cuts for privacy-leaning stakeholders, including complete concessions on two of the three central issues.  Some participants have already indicated that they believe the proposal goes too far and are unwilling to support it.

We would ask all stakeholders to approach the document with a collegial spirit.  I can assure you now: there will be components of the proposal that you will not like.  Some industry and advocacy participants will flatly reject it.  But when everyone in the center of the group is just a bit unhappy, I think we've found our consensus.

Sincerely,
Jonathan



Attachments:
- compromise-proposal-pde-tl-jm.html
- compromise-proposal-pde-tl-jm.pdf
Received on Friday, 8 June 2012 18:04:14 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:30 UTC