Re: Towards a Grand Compromise from Jonathan Mayer on 2012-06-10 (public-tracking@w3.org from June 2012)

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Sun, 10 Jun 2012 16:36:58 -0700
To: Shane Wiley <wileys@yahoo-inc.com>
Cc: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <0F178C2C37C44AE28A57BE61C569206D@gmail.com>
Shane,

Several others have already explained just how much compromise is reflected in this proposal.  I would like to address three other points you made.

First, we do not have the consensus on unlinkable data that you described.  The group has not agreed that removing an ID renders data unlinkable, nor has it agreed that unlinkable data is entirely out of scope.  The minutes from the 4/10 meeting, in fact, reflect a lively debate on unlinkability.  Here's one gem:

> <WileyS> Anonymization = de-identification (at least in the privacy world these two should be equatable)
> . . .  
> <tl> WileyS: Nowai? Removing identifiers does not make records anonymous.

I believe we do have consensus in favor of some sort of unlinkable data exception.  We do not yet have agreement on a) the definition of unlinkable data and b) the limits on what can be done with unlinkable data.

Second, you argued that an unlinkable data exception makes the proposal's allowance for affiliate information sharing "meaningless."  I don't follow.  Here's a concrete example: Suppose a DNT user, Alice, visits the ABC, Disneyland, ESPN, Marvel, and Pixar websites.  Under a user expectations or branding approach to party determinations, Disney might not be able to compile analytics about what Alice does across the sites.  By moving to party affiliation, our proposal allows Disney to calculate cross-site analytics involving Alice.  That analytics data is, of course, far from unlinkable.

Third, you claimed a) "permitted uses" exceptions are "necessary for businesses to remain operational" and b) that point has been "conceded" by both the FTC and some EU DPAs.  I have heard several advertising industry representatives make the former claim, but I am unaware of any supporting evidence.  As to the latter claim, while there is certainly some lack of clarity in where certain regulators stand on "permitted uses," I do not believe any have joined in the factual assertion that they are sine qua non for online businesses.

Jonathan


On Friday, June 8, 2012 at 10:43 AM, Shane Wiley wrote:

>  
> Jonathan,
>  
>  
>   
>  
>  
> Thank you for evolving the original proposal from DC.  Since you’ve decided to call this the “Grand Compromise” could you please help me understand where the compromise really is?  After reviewing your key points of “compromise”, I’m not really seeing any.
>  
>  
>   
>  
>  
> 1.       User must expressly activate DNT:  The TPWG decided on this and captured it in draft text over 9 months ago.  No compromise here.
>  
>  
> 2.       Affiliate 1st Party Definition:  On the surface this appears to be a compromise but once we get to #3 it clearly isn’t.
>  
>  
> 3.       No “Tracking Cookies”:  By this I believe your text is focused on cookies with unique identifiers.  Once those unique identifiers are removed then the data becomes “unlinkable”.  We’ve all agreed that “unlinkable” data is outside the scope of the standard and can be shared generously (although I wouldn’t personally advise that).  With that in mind, the “Affiliate 1st Party Definition” is meaningless in your context.
>  
>  
>   
>  
>  
> I see no mention of Permitted Uses, which the FTC and several EU DPAs have each conceded will be necessary for businesses to remain operational.
>  
>  
>   
>  
>  
> In essence, I’m not seeing any real change since your submission in DC.  Can you please help me understand what I’m missing on the “unlinkability” outcome?  I thought this was also your position in DC and have raised that concern in the discussion of “temporary log file retention”.  In my opinion, If you don’t agree with the complete “unlinkability” outcome, then the “temporary log file retention” discussion isn’t helpful.
>  
>  
>   
>  
>  
> Happy to learn more of your perspectives here.
>  
>  
>   
>  
>  
> Thank you,
>  
>  
> - Shane
>  
>  
>   
>  
>  
> From: Jonathan Mayer [mailto:jmayer@stanford.edu]  
> Sent: Thursday, June 07, 2012 10:40 PM
> To: public-tracking@w3.org (mailto:public-tracking@w3.org)
> Subject: Re: Towards a Grand Compromise
>  
>  
>  
>   
>  
>  
> We've already received an extraordinary amount of feedback from working group participants on this proposal.  Thanks!
>  
>  
>  
>   
>  
>  
>  
> In the interest of keeping revisions sane, I've created a repo on GitHub.  The version control is available at https://github.com/jonathanmayer/dnt-compromise/blob/gh-pages/compromise-proposal.html, and the latest version can be viewed at http://jonathanmayer.github.com/dnt-compromise/compromise-proposal.html.
>  
>  
>  
>   
>  
>  
>  
> Jonathan
>  
>  
> On Wednesday, June 6, 2012 at 8:06 AM, Jonathan Mayer wrote:
> >  
> > This group has made tremendous progress.  As we enter our second year and look forward to our fifth meeting, we can celebrate achieving hard-won consensus on many difficult topics.  
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > It's time to complete our task.  We have given shape to the several issues at the center of Do Not Track policy, but we have not reached agreement on how to resolve them.  Those issues are, in brief:
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 1) May a user agent enable Do Not Track by default?
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 2) May a website share its information with corporate affiliates?
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 3) May a third-party website continue to set tracking cookies (or use an equivalent technology for collecting a user's browsing history)?
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > Peter Eckersley (EFF), Tom Lowenthal (Mozilla), and I (Stanford) have iterated on a comprehensive compromise proposal that addresses these issues.  The text draws extensively on prior drafts from multiple constituencies.  It would, in short:
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 1) Require explicit consent for enabling Do Not Track.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 2) Allow affiliate information sharing.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > 3) Prohibit tracking cookies.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > We have received valuable feedback from a number of participant viewpoints, including browser vendors, advertising companies, analytics services, social networks, policymakers, consumer groups, and researchers.  Out of respect for the candid nature of those ongoing conversations, we leave it to stakeholders to volunteer their contributions to and views on this proposal.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > As you review the draft, please recognize that it is a compromise proposal.  The document is not a retread of well-worn positions; it reflects extraordinarily painful cuts for privacy-leaning stakeholders, including complete concessions on two of the three central issues.  Some participants have already indicated that they believe the proposal goes too far and are unwilling to support it.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > We would ask all stakeholders to approach the document with a collegial spirit.  I can assure you now: there will be components of the proposal that you will not like.  Some industry and advocacy participants will flatly reject it.  But when everyone in the center of the group is just a bit unhappy, I think we've found our consensus.
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> > Sincerely,
> >  
> >  
> >  
> > Jonathan
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> >   
> >  
> >  
> >  
> >  
> >  
> >   
> >  
> >  
> > Attachments:
> >  
> >  
> >  
> > - compromise-proposal-pde-tl-jm.html
> >  
> >  
> >  
> >  
> > - compromise-proposal-pde-tl-jm.pdf
> >  
> >  
> >  
>  
>  
>   
>  
>  
>  
>  
>
Received on Sunday, 10 June 2012 23:37:32 UTC