W3C home > Mailing lists > Public > public-tracking@w3.org > June 2013

RE: June Draft - Change Proposal to First Party Compliance

From: Chris Pedigo <CPedigo@online-publishers.org>
Date: Wed, 26 Jun 2013 14:31:18 +0000
To: John Simpson <john@consumerwatchdog.org>, Alan Chapell <achapell@chapellassociates.com>
CC: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-ID: <CEED5B1AC4405240B53E0330753999D320643F5C@mbx023-e1-nj-4.exch023.domain.local>
John and Alan, no, I am not advocating that a 1st party must only meet the 1st party requirements and nothing more.  I do think there will competition among 1st parties to be more privacy friendly - both in the collection and use of data and also in how they message that to users.

My concern is that this sentence is so obvious and thus seems to imply we mean something else.  After we have finished, I think this standard will have legs either in self-regulatory bodies or state legislatures or other fora.  And, this sentence might be interpreted down the road in different ways, potentially to create tiers of regulatory compliance or tiers of treatment by browsers.  "May" might be interpreted as a best practice, for instance.  For a technical standard, I think this sentence is out of place.

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Wednesday, June 26, 2013 9:53 AM
To: Alan Chapell
Cc: Chris Pedigo; public-tracking@w3.org (public-tracking@w3.org)
Subject: Re: June Draft - Change Proposal to First Party Compliance


I'm confused here.  All this says, as I understand it,  is that 1st parties can choose to follow more privacy friendly practices if they choose.  Seems to me that might mean some sites would compete around privacy issues.  What's wrong with that?

Are you suggesting that all 1st parties must only meet the minimum first party requirements and nothing more?


On Jun 26, 2013, at 6:46 AM, Alan Chapell <achapell@chapellassociates.com<mailto:achapell@chapellassociates.com>> wrote:

Chris - can you help me understand what you mean by tiers of compliance for first parties?

From: Chris Pedigo <CPedigo@online-publishers.org<mailto:CPedigo@online-publishers.org>>
Date: Wednesday, June 26, 2013 9:39 AM
To: "public-tracking@w3.org<mailto:public-tracking@w3.org> (public-tracking@w3.org<mailto:public-tracking@w3.org>)" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: June Draft - Change Proposal to First Party Compliance
Resent-From: <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Wed, 26 Jun 2013 13:40:27 +0000

In Section 4, I propose to strike the last sentence - "First parties MAY elect to follow third party practices."

This sentence is obvious and unnecessary.  I fear that it would be used by some to create tiers of compliance for first parties.

Chris Pedigo
VP, Government Affairs
Online Publishers Association
(202) 744-2967
Received on Wednesday, 26 June 2013 14:31:52 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:13 UTC