W3C home > Mailing lists > Public > public-tracking@w3.org > May 2012

Allowed uses of protocol data in first N weeks (ACTION-190)

From: イアンフェッティ <ifette@google.com>
Date: Wed, 2 May 2012 08:47:53 -0700
Message-ID: <CAF4kx8fAu5mcN6JCaZ9WHDQg9Kqtpnko7zMxobySVS-5g5xvBA@mail.gmail.com>
To: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
On last week's call, I took an action to write a proposal for protocol data
in the first N weeks (ACTION-190 and ISSUE-142).

My proposed text would be as follows, comments welcome:

Protocol data, meaning data that is transmitted by a user agent, such as a
web browser, in the process of requesting content from a provider,
explicitly including items such as IP addresses, cookies, and request URIs,
MAY be stored for a period of 6 weeks in a form that might not otherwise
satisfy the requirements of this specification. For instance, the data may
not yet be reduced to the subset of information allowed to be retained for
permitted uses (such as fraud detection), and technical controls limiting
access to the data for permitted uses may not be in place on things like
raw logs data sitting on servers waiting for processing and aggregation
into a centralized logs storage service.

Within this six week period, a data collector MUST NOT share data with
other parties in a manner that would be prohibited outside of the six week
period. Similarly, a data collector MUST NOT use the data to build any
profile, or associate the data to any profile, of a user used for purposes
other than would be allowed outside of the the six week period. As
examples, a data collector MAY use the raw data within a six week period to
debug their system, a data collector MAY use the raw data within the six
week period to build a profile of a user fraudulently or maliciously
accessing the system for purposes such as blocking access to the system by
that user, but the data collector MUST NOT build a profile to serve
targeted advertisements based on the user's past six weeks of browsing

After the six week period has passed, only the subset of data necessary to
accomplish the permitted exceptions in this specification may be retained,
and the data must be controlled in such a way that only access to the data
for these permitted exceptions is allowed.
Received on Wednesday, 2 May 2012 15:48:27 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:42 UTC