W3C home > Mailing lists > Public > public-tracking@w3.org > March 2012

Re: Third parties should not pretend to be first parties

From: Chris Pedigo <CPedigo@online-publishers.org>
Date: Thu, 1 Mar 2012 01:13:47 +0000
To: Jeffrey Chester <jeff@democraticmedia.org>
CC: "Roy T. Fielding" <fielding@gbiv.com>, Tom Lowenthal <tom@mozilla.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <08B8B104-B083-4DFC-B163-129588FB30D2@online-publishers.org>
Haven't we already stated that third party data can't be combined with first party data when DNT is on?

Let's not unnecessarily hamstring first party activities especially when that shouldn't be the focus of a DNT standard anyway.

On Feb 29, 2012, at 8:06 PM, "Jeffrey Chester" <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>> wrote:

This brings in a wholesale set of outside data practices for targeting, I presume.  With DNT:1 enabled, it should limit what outside data sources can be used by first parties.

Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009

On Feb 29, 2012, at 7:58 PM, Roy T. Fielding wrote:

On Feb 29, 2012, at 4:10 PM, Tom Lowenthal wrote:

The aim is to prohibit anyone who isn't a first party from using the
first-party options in the URI/Tk header, which even outsourced service
providers shouldn't do. Perhaps we should add more detail to the
outsourcing exception to deal with this case?

I've never understood why outsourced services should be considered
a different party if they adhere to the "acting as a first-party"
constraints.  They are, by contract and by practice and by view
of the user, the same party -- the only reason they differ at all
is because of the ownership/control definition in first-party.
If we just add outsourcing (or data processor) to the first-party
definition, we are done.

Received on Thursday, 1 March 2012 01:14:16 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:46 UTC