RE: Proposed definitions of Share and Collect from Chris Pedigo on 2012-10-24 (public-tracking@w3.org from October 2012)

From: Chris Pedigo <CPedigo@online-publishers.org>
Date: Wed, 24 Oct 2012 17:10:22 +0000
To: "Roy T. Fielding" <fielding@gbiv.com>
CC: "Amy Colando (LCA)" <acolando@microsoft.com>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CEED5B1AC4405240B53E0330753999D306AA68B1@mbx023-e1-nj-8.exch023.domain.local>

Roy, I believe it's way too broad to define "share" as simply allowing access to the data.  For example, a first party uses an ad network to deliver contextual advertising.  Under our standard, the ad network is a third party and can only collect/use data for the Permitted Uses.  But, they have technically have access to the data.

I would prefer Amy's original definition (below).

Share: A party "shares" data if it transfers or provides a copy of data that it has collected to any other party

From: Roy T. Fielding [mailto:fielding@gbiv.com]
Sent: Wednesday, October 24, 2012 12:27 PM
To: Roy T. Fielding
Cc: Amy Colando (LCA); public-tracking@w3.org
Subject: Re: Proposed definitions of Share and Collect

On Oct 24, 2012, at 9:11 AM, Roy T. Fielding wrote:
On Oct 23, 2012, at 9:09 PM, Amy Colando (LCA) wrote:

Per an action assigned to me in Amsterdam, I'm submitting a couple of proposed verb definitions for discussion by the group.  I worked on these with a small group, including David W., Rigo, Chris Pedigo and Susan Israel.  I can't say that we are in total agreement, but we wanted to share our work product to date in order to keep the process moving forward.  Looking forward to feedback.

Collect: a party "collects" data if it receives the data and stores it for more than a transient period.

Share: A party "shares" data if it transfers or provides a copy of data that it has collected to any other party

I suggest something slightly different ...

Collect: A party "collects" data if it receives the data and shares the
         data with other parties or stores the data for more than a
         transient period.

er, I'd better make that grammar less ambiguous ...

  Collect: A party "collects" data if it receives the data and then
           either shares the data with other parties or stores the
           data for more than a transient period.

Share:   A party "shares" data if it provides a copy or access to the
         data to a third party.

My rationale is that one can share without storing (already mentioned
at DC meeting) and that it isn't "sharing data" if multiple legal
entities within the first party context, including service providers
that meet the contractual obligations of confidentiality, have access
to the data.

....Roy

Received on Wednesday, 24 October 2012 17:10:51 UTC