- From: Amy Colando (LCA) <acolando@microsoft.com>
- Date: Mon, 12 Nov 2012 16:10:40 +0000
- To: Rob Sherman <robsherman@fb.com>, "Aleecia M. McDonald" <aleecia@aleecia.com>, "public-tracking@w3.org (public-tracking@w3.org) (public-tracking@w3.org)" <public-tracking@w3.org>
- Message-ID: <81152EDFE766CB4692EA39AECD2AA5B61D979D29@TK5EX14MBXC296.redmond.corp.microsoft.>
Rob in your example (authorizing app to share info), wouldn't that authorization already be covered under consent section? Agree with the rest of your points regarding figuring out how various pieces fit overall into the draft. Sent from my Windows Phone ________________________________ From: Rob Sherman Sent: 11/11/2012 7:00 PM To: Aleecia M. McDonald; public-tracking@w3.org (public-tracking@w3.org) (public-tracking@w3.org) Subject: Re: Proposals for Compliance issue clean up Aleecia, I think it is premature to finalize a definition of "declared data" before we have consensus on whether and how the concept is relevant. Particularly, I'm not aware of any existing text in the Editors' Draft that uses the term "declared data," and it seems that the question whether a particular proposed definition of that term makes sense depends a lot on how the term is going to be used. On the substance of Shane's proposal, though, I'd suggest that it be modified along the lines of my correspondence with Shane (http://lists.w3.org/Archives/Public/public-tracking/2012Oct/0310.html) to make clear that there are situations in which information is "declared data" even if it is not "directly and expressly supplied by a user to a party." As described in the thread, Shane and I agreed that this concept includes a situation in which the user authorizes sharing of information but does not "directly and expressly suppl[y]" it. (For example, we agreed that if you specifically authorize an app to publish information about actions you take within the app to your Facebook timeline (or specifically authorize Facebook to receive that information), that information would be deemed "declared data" as to Facebook even though it is not provided "directly" by the user to Facebook.) (I'm happy to work with Shane to modify his proposal to address this concern. Even with those modifications, before we finalize this definition I think it's important for us to understand how, if at all, it will fit into the draft.) Thanks. Rob Rob Sherman Facebook | Manager, Privacy and Public Policy 1155 F Street, NW Suite 475 | Washington, DC 20004 office 202.370.5147 | mobile 202.257.3901 On 11/9/12 3:04 PM, "Aleecia M. McDonald" <aleecia@aleecia.com> wrote: >Here are places we might have straight-forward decisions. If there are no >responses within a week (that is, by Friday 16 November,) we will adopt >the proposals below. > > >For issue-97 (Re-direction, shortened URLs, click analytics -- what kind >of tracking is this?) with action-196, we have text with no counter >proposal. Unless someone volunteers to take an action to write opposing >text, we will close this with the action-196 text. > PROPOSED: We adopt the text from action-196, >http://lists.w3.org/Archives/Public/public-tracking/2012Jun/0106.html > >For issue-60 (Will a recipient know if it itself is a 1st or 3rd party?) >we had a meeting of the minds >(http://lists.w3.org/Archives/Public/public-tracking/2012Apr/0129.html) >but did not close the issue. We have support for 3.5.2 Option 2, >http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html >#def-first-third-parties-opt-2, with one of the authors of 3.5.1 Option >1, >http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html >#def-first-third-parties-opt-2 accepting Option 2. There was no sustained >objection against Option 2 at that time. Let us find out if there is >remaining disagreement. > PROPOSED: We adopt 3.5.2 Option 2, >http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html >#def-first-third-parties-opt-2 > >For action-306, we have a proposed definition with accompanying >non-normative examples > PROPOSED: We adopt the text from action-306 to define declared data, to >be added to the definitions in the Compliance document, >http://lists.w3.org/Archives/Public/public-tracking/2012Oct/0296.html > PROPOSED: We look for volunteers to take an action to write text >explaining when and how declared data is relevant (See the note in >6.1.2.3, >http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html >#first-party-data) to address issue-64 > > Aleecia
Received on Monday, 12 November 2012 16:12:16 UTC