W3C home > Mailing lists > Public > public-tracking@w3.org > March 2012

Re: Third parties should not pretend to be first parties

From: Jeffrey Chester <jeff@democraticmedia.org>
Date: Wed, 29 Feb 2012 20:04:33 -0500
Cc: Tom Lowenthal <tom@mozilla.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-id: <3102F2E1-5D0E-4388-89C3-1D200079F616@democraticmedia.org>
To: "Roy T. Fielding" <fielding@gbiv.com>
This brings in a wholesale set of outside data practices for targeting, I presume.  With DNT:1 enabled, it should limit what outside data sources can be used by first parties.  

Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009

On Feb 29, 2012, at 7:58 PM, Roy T. Fielding wrote:

> On Feb 29, 2012, at 4:10 PM, Tom Lowenthal wrote:
>> The aim is to prohibit anyone who isn't a first party from using the
>> first-party options in the URI/Tk header, which even outsourced service
>> providers shouldn't do. Perhaps we should add more detail to the
>> outsourcing exception to deal with this case?
> I've never understood why outsourced services should be considered
> a different party if they adhere to the "acting as a first-party"
> constraints.  They are, by contract and by practice and by view
> of the user, the same party -- the only reason they differ at all
> is because of the ownership/control definition in first-party.
> If we just add outsourcing (or data processor) to the first-party
> definition, we are done.
> ....Roy
Received on Thursday, 1 March 2012 01:05:18 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:41:03 UTC