Re: Browser finger printing?

Thanks, Shane

On Jul 12, 2013, at 1:26 AM, Shane Wiley <wileys@yahoo-inc.com> wrote:

> Apologies John – trying to jump between my day-to-day work and DNT email responses.  TGIF!  J
>  
> The industry proposal does not distinguish one form of a unique identifier from another – and treats them all the same.  This provides for a more future proof standard that isn’t dependent on a specific technology.
>  
> For example, DNT does not prohibit the setting of an HTML cookie, a local store object (Flash Cookie, HTML 5 Persistent Store, etc.), a browser fingerprint, or any future technical conception that’s goal is to create a unique ID for a particular user or device.
>  
> I believe many people are supportive of this approach and I hope we can convince you to be as well.  That said, I can understand why you may be against the practice of allowing any form of unique identification outside of a user’s control -- I support you in that sentiment but would suggest DNT isn’t the correct location to address that concern. 
>  
> We have a long list of privacy issues to tackle to improve online consumer privacy so I appreciate the desire to “pile on” within DNT.  Hopefully we can stay focused and address the core purpose of DNT as a working group and faithfully demonstrate a multi-stakeholder process can work – and then immediately begin to tackle the other issues (admittedly though I hope we do get a small break after DNT before rolling our sleeves up to jump on the next priority topic).
>  
> Have a wonderful weekend,
> - Shane
>  
> From: John Simpson [mailto:john@consumerwatchdog.org] 
> Sent: Thursday, July 11, 2013 6:57 PM
> To: Shane Wiley
> Subject: Fwd: Browser finger printing?
>  
> Shane,
>  
> Appreciate all your many answers.  I wonder if you you could please address this one on specific text that prohibits "fingerprinting.".
>  
> Thanks,
> John
>  
> Begin forwarded message:
> 
> 
> Resent-From: public-tracking@w3.org
> From: John Simpson <john@consumerwatchdog.org>
> Subject: Re: Browser finger printing?
> Date: July 10, 2013 4:06:05 PM PDT
> To: Shane Wiley <wileys@yahoo-inc.com>
> Cc: Marc Groman <mgroman@networkadvertising.org>, Jack Hobaugh <jack@networkadvertising.org>, Mike Zaneis <mike@iab.net>, "public-tracking@w3.org List" <public-tracking@w3.org>
>  
> Shane,
>  
> I couldn't find the relevant email traffic.  Went back into your proposed text.  This could possibly be the relevant language I suppose:
>  
> "Outside the permitted uses or de-identification, the third party must not collect, retain, or share network interaction identifiers that identify the specific user, computer or device."
>  
> Is what you get from fingerprinting a "network interaction identifier?"
>  
> Otherwise all references to "unique identifiers" seem to have been deleted from the DAA proposed text.  I understand that it may the DAA's intent to preclude "fingerprinting" when DNT:1 is sent, but just can't find it in your text.  Could please tell what text specifically covers this?
>  
> Thanks,
> John
>  
> On Jul 10, 2013, at 3:28 PM, John Simpson <john@consumerwatchdog.org> wrote:
> 
> 
> Apologies, Shane.  I managed to miss that -- or forget it -- in all the traffic today.
> 
> On Jul 10, 2013, at 3:21 PM, Shane Wiley <wileys@yahoo-inc.com> wrote:
> 
> 
> John,
> 
> As already discussed on the email list, browser fingerprinting is another form of a unique ID so all text related to unique IDs is equally applicable to this form of identification.
> 
> - Shane
> 
> -----Original Message-----
> From: John Simpson [mailto:john@consumerwatchdog.org] 
> Sent: Wednesday, July 10, 2013 11:17 PM
> To: Shane Wiley; Marc Groman; Jack Hobaugh; Mike Zaneis
> Cc: public-tracking@w3.org List
> Subject: Browser finger printing?
> 
> Colleagues,
> 
> Does the DAA proposed text prohibit "browser fingerprinting" if DNT:1 is sent.  If so, can you please point me to the relevant portion of text?
> 
> Thank you.
> 
> John
> 
>  
> 
>  
>