| ID | State | Title | Action | Notes |
|---|---|---|---|---|
| RAISED | ||||
| ISSUE-5 | RAISED | What is the definition of tracking? | Open | Editors and others have made proposals. |
| ISSUE-25 | RAISED | Audience Measurement | Open | Proposals have been made that are under discussion. |
| ISSUE-131 | RAISED | What should implementations look like to satisfy our exit criteria for CR? | Postpone After Last Call | |
| ISSUE-133 | RAISED | What effect does legal liability or consistent data practices between affiliates have on the definition of breadth of a party? | Pending Review Stable | No related actions |
| ISSUE-142 | RAISED | How should protocol data be allowed to be used in the first N weeks? | Merge | Into issue-134: Would we additionally permit logs that are retained for a short enough period? |
| ISSUE-149 | RAISED | Compliance section for user agents | Merge | Into Issue-172: user-education and Issue-194: user-consent. |
| ISSUE-150 | RAISED | DNT conflicts from multiple user agents | Merge | Issue-194: user-consent |
| ISSUE-154 | RAISED | Are First parties allowed to use data (either offline or online) from third parties | Merge | Issue-170: Data append. |
| ISSUE-157 | RAISED | Charter is running out and we need to agree on whether to extend or recharter and what a revised charter would look like | Close | No longer relevant. |
| ISSUE-163 | RAISED | How in the spec should we ensure user agents don't twist a user preference one way or another? | Merge | Into Issue-194 user-consent |
| ISSUE-170 | RAISED | Definition of and what/whether limitations around data append | Open | Discussion of data append and potential first party compliance restrictions tracked here. |
| ISSUE-172 | RAISED | How should user agents be required to provide information about DNT? | Open | Shortname: (user-education) Had some previous actions on this, plus ongoing conversation out of f2f. |
| ISSUE-177 | RAISED | Should we specify compliance requirements for software and hardware other than user agents? For example, is a web server package compliant if it tweaks DNT headers? | Merge | Issue 194: user-consent |
| ISSUE-179 | RAISED | Make sure in the spec that we clarify information provided explicitly by a user (e.g. data typed into a form on a site with a clear privacy policy) is not subject to DNT. | Merge | Issue-54: declared data |
| ISSUE-184 | RAISED | 3rd party dependencies in 1st party content | Pending Review Stable | No related actions |
| ISSUE-191 | RAISED | Non-normative Discussion of De-Identification | Merge | Into Issue-188 Definition of unlinkable data (de-identified data) |
| ISSUE-196 | RAISED | What compliance requirements apply when a signal has been disregarded? | Pending Review Stable | Compliance options on disregarding signals are present in the Editors' Draft. |
| OPEN | ||||
| ISSUE-10 | OPEN | What is a first party? | Pending Review Stable | A single option is present in the Editors' Draft. |
| ISSUE-16 | OPEN | What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.) | Pending Review Stable | A single option is present in the Editors' Draft (with an alternative on "collect" but not sure how essential that is) |
| ISSUE-24 | OPEN | Possible exemption for fraud detection and defense | Pending Review Stable | No recent discussions in the working group, one text in Editors' Draft |
| ISSUE-31 | OPEN | Minimization -- to what extent will minimization be required for use of a particular exemption? (conditional exemptions) | Clarify | Rename to narrow issue: whether to have firm retention limits that can only be exceeded with public disclosure of need? |
| ISSUE-32 | OPEN | Sharing of data between entities via cookie syncing / identity brokering | Pending Review Stable | Text proposal around this corner case, but not sure it's needed |
| ISSUE-49 | OPEN | Third party as first party - is a third party that collects data on behalf of the first party treated the same way as the first party? | Pending Review Stable | Service provider options text are in Editors' Draft |
| ISSUE-54 | OPEN | can first parties use declared data while in a 3rd party context? | Merge | Issue-170 (data append and first party restrictions) |
| ISSUE-60 | OPEN | Will a recipient know if it itself is a 1st or 3rd party? | Close | No longer relevant, answers are present in the spec |
| ISSUE-64 | OPEN | How do we describe non-identifiable data | Merge | into Issue-188 Definition of unlinkable data (de-identified data) |
| ISSUE-73 | OPEN | In order for analytics or other contracting to count as first-party: by contract, by technical silo, both silo and contract | Pending Review Stable | Part Issue-49: service provider |
| ISSUE-97 | OPEN | Re-direction, shortened URLs, click analytics -- what kind of tracking is this? | Pending Review Stable | Part of Issue-10 First Party |
| ISSUE-99 | OPEN | How does DNT work with identity providers? | Pending Review Stable | Part of Issue-10: First Party |
| ISSUE-119 | OPEN | Specify "absolutely not tracking" | Pending Review Stable | Text from Npdoty and others doesn't require a new definition in compliance spec. |
| ISSUE-132 | OPEN | Should the spec speak to intermediaries or hosting providers to modify any responses/statements about DNT compliance? | Merge | Into Issue 194: user-consent |
| ISSUE-134 | OPEN | Would we additionally permit logs that are retained for a short enough period? | ||
| ISSUE-151 | OPEN | User Agent Requirement: Be able to handle an exception request | Merge | Into Issue 194: user-consent |
| ISSUE-174 | OPEN | How do we create straightforward compliance for implementers retaining data for N weeks or less? | Merge | Into issue-134 |
| ISSUE-175 | OPEN | Have an appendix of best practices? | Pending Review Stable | There is a proposal, but not an active discussion |
| ISSUE-178 | OPEN | Add "Marketing" to list of permitted uses in Compliance document | Pending Review Stable | Apparent indication that these might not be relevant any more. |
| ISSUE-180 | OPEN | Add "advertising" as a Permitted Use in the Compliance Document | Pending Review Stable | Apparent indication that these might not be relevant any more. |
| ISSUE-181 | OPEN | Finalize language regarding multiple first parties | Pending Review Stable | Stable text in Editor's Draft |
| ISSUE-188 | OPEN | Definition of unlinkable data | Rename: Group is tending towards "de-identified" as the relevant term. | |
| ISSUE-194 | OPEN | How should we ensure consent of users for DNT inputs? | Change shortname: user-consent, include in Tracking Definitions and Compliance Specification | |
| New ISSUE | OPEN | Limitations on the use of unique identifiers | Open | |
| PENDING REVIEW | ||||
| ISSUE-22 | PENDING REVIEW | Still have "operational use" of data (auditing of where ads are shown, impression tracking, etc.) | Pending Review Stable | Covered by current permitted uses |
| ISSUE-45 | PENDING REVIEW | Companies making public commitments with a "regulatory hook" for US legal purposes | Pending Review Stable | No recent discussions |
| ISSUE-148 | PENDING REVIEW | What does DNT:0 mean? | Pending Review Stable | No recent discussions |
| POSTPONED | ||||
| ISSUE-89 | POSTPONED | Does DNT mean at a high level: (a) no customization, users are seen for the first time, every time. (b) DNT is about data moving between sites. | Merge | Into issue-5: definition of tracking |
| ISSUE-94 | POSTPONED | Is "Do Not Track" the right name to use? | Merge | Into issue-5: definition of tracking |
| ISSUE-102 | POSTPONED | Short names & titles of specifications | Close | No longer relevant |
| ID | Title | Person | Due Date | Proposed resolution | Notes |
|---|---|---|---|---|---|
| ACTION-312 | Merge financial logging language | Justin Brookman | Apr 1, 2013 | ? | |
| ACTION-356 | Review which requirements in the spec would be problematic for an intermediary | Matthias Schunter | Jan 30, 2013 | ? | Might be pre-empted by the “general browseable Web” tentative agreement. |
| ACTION-365 | Clarify behavior of the exception confirmation api | Adrian Bateman | Feb 22, 2013 | ? | |
| ACTION-368 | Work on updated "service provider"/"processor" definition (with vinay) | Chris Pedigo | Feb 27, 2013 | ? | Is there a new version of this? If not, can we add it to the Spec and mark the ISSUE pending review? |
| ACTION-377 | (with rigo, peterswire) to follow up on service provider and independent rights clarification | Chris Pedigo | Mar 18, 2013 | ? | |
| ACTION-382 | Take Canadian references to OBA "Guidelines on Online Behavioral Advertisement" report and link it from the Global consideration page | Rigo Wenning | Mar 19, 2013 | Keep open | |
| ACTION-383 | Ask Malcom Crompton about the Australian OBA guidelines | Rigo Wenning | Mar 19, 2013 | Keep open | |
| ACTION-384 | Make a doodle for weekly calls and open an issue for gap analysis | Rigo Wenning | Mar 19, 2013 | Close (out of date) | |
| ACTION-388 | Draft non-normative text for why it's useful for a server to provide same-party members | Rigo Wenning | Mar 27, 2013 | Close (pre-empted) | |
| ACTION-389 | Organize german industry participation in the work of the delta between regulation and DNT | Thomas Schauf | Mar 28, 2013 | Keep open | |
| ACTION-371 | Propose text on de-identification (with Ed) | Dan Auerbach | Feb 27, 2013 | Close (done) | |
| ACTION-372 | Propose language on service providers sharing/combining data for debugging | David Wainberg | Mar 13, 2013 | Close (done) | Not much agreement on whether this combining of silo’d data should be allowed, but the text is present. Recommend add to the draft as an option. |
| ACTION-385 | Propose specific text on cookie-like exceptions | Adrian Bateman | Mar 27, 2013 | Close (done) | |
| ACTION-392 | Check with Jonathan about revising consent requirements (would adrianba's text suffice?) | Nick Doty | Apr 17, 2013 | Close (done) | |
| ACTION-393 | Work with Ronan on new consent indicator proposal | Matthias Schunter | Apr 17, 2013 | Close (done) | Assume this is just the “P” response. |
| ACTION-276 | Provide text regarding data retention, applicable to finanical logging data | Luigi Mastria | Apr 1, 2013 | Close (out of date) | We will need text proposals from DAA at some point if we’re going to pursue this adaptation approach, but may not need a separate action here. |
| ACTION-310 | Add three options for identity providers | Justin Brookman | Apr 1, 2013 | Close (out of date) | |
| ACTION-326 | Draft a proposal on marketing permitted use (with rachel) | Brendan Riordan-Butterworth | Apr 1, 2013 | Close (out of date) | Brendan no longer participating. |
| ACTION-327 | Draft a proposal on advertising permitted use (with rachel) | Brendan Riordan-Butterworth | Apr 1, 2013 | Close (out of date) | Brendan no longer participating. |
| ACTION-338 | Work with tl/jmayer on combining options on compliance hook | Aleecia McDonald | Apr 1, 2013 | Close (out of date) | |
| ACTION-308 | (with justin) to coordinate which document contains exceptions | David Singer | Apr 1, 2013 | Close (pre-empted) | A general coordination action (in particular for Justin and David) will be needed. |
| ACTION-309 | Coordinate with David Singer to accord User Agent constraints in both specs | Justin Brookman | Apr 1, 2013 | Close (pre-empted) | A general coordination action (in particular for Justin and David) will be needed. |
| ACTION-335 | Write non-normative text on unlinkability, with Shane | Dan Auerbach | Apr 1, 2013 | Close (pre-empted) | Red-Yellow-Green approach in progress is aimed at this. |
| ACTION-370 | Propose narrower "market research" use (with David Stark, Justin, Susan, Ronan, Rachel, Chris_M, EBerkower) | Richard Weaver | Feb 27, 2013 | Close (pre-empted) | |
| ACTION-373 | Propose text prohibiting data append (because it requires sharing, or otherwise; with jchester) | Aleecia McDonald | Mar 20, 2013 | Close (pre-empted) | I believe John Simpson’s text on this subject suffices. |
| ACTION-378 | Update de-identification definition based on feedback from Rob, Shane, public commitment | Dan Auerbach | Mar 13, 2013 | Close (pre-empted) | Likely pre-empted by ongoing work on red-yellow-green. |
| ACTION-391 | Update UI/consent proposal (including discussion with Adrian) | Alan Chapell | Apr 17, 2013 | Close (pre-empted) | Given discussion at the f2f, I believe we can move forward with Adrian’s text. |
| ACTION-395 | Provide a couple slides explanation of exchanges / redirects / server-to-server | Shane Wiley | May 1, 2013 | Close (pre-empted) | This was intended for the f2f, now passed. |
| ACTION-369 | Summarize texts, agreements, and uncertain bits to data around service providers (ideally with dsinger and perhaps npdoty, if willing) | Aleecia McDonald | Mar 13, 2013 | Keep open | Suggest we collapse the related action items into this one. This issue is dragging along unhelpfully, we should address it (through Call for Objections, if necessary) and move on. |
| ACTION-375 | Review TPE for updates necessary on multiple first parties (with Ed, Nick, RobS, possibly fielding) | Shane Wiley | Mar 18, 2013 | Keep open | |
| ACTION-376 | (with justin) to propose updates on multiple first parties (distinguishing between the one site and platform) | Rob Sherman | Mar 18, 2013 | Keep open | |
| ACTION-396 | Provide pending review text for signal of transferred/redirected exception (issue 168) | Nick Doty | May 1, 2013 | Keep open | |
| ACTION-397 | Look into data around the impact of audience measurement / changes to census calibration | Richard Weaver | May 13, 2013 | Keep open | |
| ACTION-398 | Work with ESOMAR folks on clarifying "otherwise support" in audience measurement proposed text | Richard Weaver | May 13, 2013 | Keep open | |
| ACTION-399 | Propose text (with Rigo and Rob v.E.) on harmonizing audience measurement permitted use in EU context | Susan Israel | May 13, 2013 | Keep open | |
| ACTION-400 | Explore how service providers (to 1st and 3rd parties) can provide transparency, and work through the use cases | David Singer | May 14, 2013 | Keep open | See David’s previous ACTION-317, and Rigo’s ongoing ACTION-388. |
| ACTION-401 | Update compliance standard to provide requirements for sending D tracking status signal when disregarding DNT:1 signals | Justin Brookman | May 14, 2013 | Keep open | |
| ACTION-402 | Work with Dan to follow up on defining the "yellow" to "green" transaction with strong enough measures | Shane Wiley | May 15, 2013 | Keep open | |
| ACTION-403 | Write language on red / yellow / green | Justin Brookman | May 15, 2013 | Keep open | |
| ACTION-404 | Further Fact finding on scope of audience measurement and the DAA exception (one page of text) | Susan Israel | May 15, 2013 | Keep open | |
| ACTION-405 | Follow up with Kathy, Jeff and Justin on FAQ | Rigo Wenning | May 24, 2013 | Keep open | |
| ACTION-387 | Review David Singer's most recent suggestion on service provider flag to see if it addresses the concern (with jmayer?) | Aleecia McDonald | Mar 27, 2013 | Merge into action-369. | |