RE: Browser finger printing?

Apologies John - trying to jump between my day-to-day work and DNT email responses.  TGIF!  :)

The industry proposal does not distinguish one form of a unique identifier from another - and treats them all the same.  This provides for a more future proof standard that isn't dependent on a specific technology.

For example, DNT does not prohibit the setting of an HTML cookie, a local store object (Flash Cookie, HTML 5 Persistent Store, etc.), a browser fingerprint, or any future technical conception that's goal is to create a unique ID for a particular user or device.

I believe many people are supportive of this approach and I hope we can convince you to be as well.  That said, I can understand why you may be against the practice of allowing any form of unique identification outside of a user's control -- I support you in that sentiment but would suggest DNT isn't the correct location to address that concern.

We have a long list of privacy issues to tackle to improve online consumer privacy so I appreciate the desire to "pile on" within DNT.  Hopefully we can stay focused and address the core purpose of DNT as a working group and faithfully demonstrate a multi-stakeholder process can work - and then immediately begin to tackle the other issues (admittedly though I hope we do get a small break after DNT before rolling our sleeves up to jump on the next priority topic).

Have a wonderful weekend,
- Shane

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Thursday, July 11, 2013 6:57 PM
To: Shane Wiley
Subject: Fwd: Browser finger printing?

Shane,

Appreciate all your many answers.  I wonder if you you could please address this one on specific text that prohibits "fingerprinting.".

Thanks,
John

Begin forwarded message:


Resent-From: public-tracking@w3.org<mailto:public-tracking@w3.org>
From: John Simpson <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>
Subject: Re: Browser finger printing?
Date: July 10, 2013 4:06:05 PM PDT
To: Shane Wiley <wileys@yahoo-inc.com<mailto:wileys@yahoo-inc.com>>
Cc: Marc Groman <mgroman@networkadvertising.org<mailto:mgroman@networkadvertising.org>>, Jack Hobaugh <jack@networkadvertising.org<mailto:jack@networkadvertising.org>>, Mike Zaneis <mike@iab.net<mailto:mike@iab.net>>, "public-tracking@w3.org<mailto:public-tracking@w3.org> List" <public-tracking@w3.org<mailto:public-tracking@w3.org>>

Shane,

I couldn't find the relevant email traffic.  Went back into your proposed text.  This could possibly be the relevant language I suppose:

"Outside the permitted uses or de-identification, the third party must not collect, retain, or share network interaction identifiers that identify the specific user, computer or device."

Is what you get from fingerprinting a "network interaction identifier?"

Otherwise all references to "unique identifiers" seem to have been deleted from the DAA proposed text.  I understand that it may the DAA's intent to preclude "fingerprinting" when DNT:1 is sent, but just can't find it in your text.  Could please tell what text specifically covers this?

Thanks,
John

On Jul 10, 2013, at 3:28 PM, John Simpson <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>> wrote:


Apologies, Shane.  I managed to miss that -- or forget it -- in all the traffic today.

On Jul 10, 2013, at 3:21 PM, Shane Wiley <wileys@yahoo-inc.com<mailto:wileys@yahoo-inc.com>> wrote:


John,

As already discussed on the email list, browser fingerprinting is another form of a unique ID so all text related to unique IDs is equally applicable to this form of identification.

- Shane

-----Original Message-----
From: John Simpson [mailto:john@consumerwatchdog.org<http://consumerwatchdog.org/>]
Sent: Wednesday, July 10, 2013 11:17 PM
To: Shane Wiley; Marc Groman; Jack Hobaugh; Mike Zaneis
Cc: public-tracking@w3.org<mailto:public-tracking@w3.org> List
Subject: Browser finger printing?

Colleagues,

Does the DAA proposed text prohibit "browser fingerprinting" if DNT:1 is sent.  If so, can you please point me to the relevant portion of text?

Thank you.

John