Re: Compliance document updates for review before next WD publication (was CVS WWW/2011/tracking-protection/drafts)

Hi John,

Yes, the attached diff documents the changes that result in the current editors' draft:
  http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html

(Only the date differs.)

Thanks,
Nick

On September 30, 2013, at 2:14 PM, John Simpson <john@consumerwatchdog.org> wrote:

> Nick,
> 
> Am I correct that all of the changes you describe here in the attached html diff are now reflected in the Editors' draft dated Sept. 28 that is linked to from the WG's home page?
> 
> I have no objections to publishing the document outlined in your attached html diff (and I believe it is the current editors' draft dated Sept. 28) as a public working draft.
> 
> Cheers,
> 
> John
> On Sep 28, 2013, at 4:32 PM, Nicholas Doty <npdoty@w3.org> wrote:
> 
>> Friends,
>> 
>> As discussed on our last call, we wanted to make updates to the Compliance draft before publishing an October Working Draft, as part of a regular schedule of publishing Working Drafts on a bi-monthly basis. On the call, Matthias asked for a quick review of these changes over the weekend as, per the proposed schedule, the next Working Draft snapshot would be published on Tuesday, October 1st. In prepping that document for publication, I would provide a largely similar "Status of This Document" section that emphasizes the lack of consensus and the process of resolving issues and the list of change proposals; as a reminder, the last Working Draft is here: http://www.w3.org/TR/2013/WD-tracking-compliance-20130912/.
>> 
>> The diff quoted at bottom shows all the changes made, but to facilitate review, I've summarized the list of changes below and I've attached a diff showing the changes in HTML, in case you don't like reading markup.
>> 
>> I mentioned on our last call that I have been keeping a list of editorial suggestions that have been provided. I'm managing that list on the wiki here: 
>> 
>>   http://www.w3.org/wiki/Privacy/TPWG/Editorial_corrections
>> 
>> And I've struck through the ones that I believe have been completed (most of the list, but not all, as some I couldn't easily figure out or thought would be substantive and controversial). If there are editorial suggestions you made that apparently aren't on that list, I may have missed them; I apologize, and I appreciate your bringing them to our attention.
>> 
>> Thanks,
>> Nick
>> 
>> 
>> Summary of changes:
>> 
>> * adds graduated response non-normative section per group decision [we may see change proposals to remove this]
>> 
>> * removed instances of "pass to" and "transmit to" when used in this sense, only use the defined term "share"
>> 
>> * in User Agent Compliance requirement for having a set of options for the user, indicated that this is a general preference (for a user-granted exception, the browser won't separately offer dnt 1 and dnt unset)
>> 
>> * regarding data/information/records being collected or used, made the document consistent in using "data" (Retains "information" in phrases like "information security".) We use "data" for both plural and singular.
>> 
>> * replaced instances of "operator of a website" with the defined term "party".
>> ** [still open: handling "web sites" in the UA Compliance section]
>> 
>> * separated legal compliance into its own section (applies to all parties)
>> 
>> * changed "this standard" to "this recommendation"
>> ** [still have one instance of "this and other standards", which I'm inclined to leave as is]
>> 
>> <editorial-snapshots-html.html>
>> 
>> Begin forwarded message:
>> 
>>> Resent-From: public-tracking-commit@w3.org
>>> From: "CVS User npdoty" <cvsmail@w3.org>
>>> Subject: CVS WWW/2011/tracking-protection/drafts
>>> Date: September 28, 2013 3:30:05 PM PDT
>>> To: public-tracking-commit@w3.org
>>> Archived-At: <http://www.w3.org/mid/E1VQ31Z-0004bj-TE@gil.w3.org>
>>> 
>>> Update of /w3ccvs/WWW/2011/tracking-protection/drafts
>>> In directory gil:/tmp/cvs-serv17711
>>> 
>>> Modified Files:
>>> 	tracking-compliance.html 
>>> Log Message:
>>> through much of the backlog of editorial changes for Compliance doc
>>> 
>>> --- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html	2013/09/19 21:49:08	1.102
>>> +++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html	2013/09/28 22:30:05	1.103
>>> @@ -170,10 +170,10 @@
>>> 				       linked to, a particular consumer, computer, or other device;
>>> 				</li>
>>> 				<li>
>>> -					commits to try not to reidentify the data; and
>>> +					commits to make no attempt to re-identify the data; and
>>> 				</li>
>>> 				<li>
>>> -					contractually prohibits downstream recipients from trying to
>>> +					contractually prohibits downstream recipients from attempting to
>>>           re-identify the data.
>>> 				</li>
>>> 			</ol>
>>> @@ -185,7 +185,7 @@
>>> 				<h3>Tracking</h3>
>>> 			<p>
>>> 				<dfn>Tracking</dfn> is the retention or use, after a network
>>> -         interaction is complete, of data records that are, or can be,
>>> +         interaction is complete, of data that are, or can be,
>>>          associated with a specific user, user agent, or device.
>>> 			</p>
>>> 			<p class="issue" data-number="5" title="What is the definition of tracking?"></p>
>>> @@ -194,7 +194,7 @@
>>> 			<section id="collection">
>>> 				<h3>Collect, Retain, Use, Share</h3>
>>>         <p id="def-collection">
>>> -					A party <dfn>collects</dfn> data if it receives the data and shares
>>> +					A party <dfn>collects</dfn> data if it receives the data and either shares
>>>           the data with other parties or stores the data for more than a
>>>           transient period.
>>> 				</p>
>>> @@ -204,7 +204,7 @@
>>> 				</p>
>>>         <p>
>>> 					A party <dfn>uses</dfn> data if the party processes the data for any
>>> -          purpose other than storage or merely forwarding it to another party.
>>> +          purpose other than either storage or merely forwarding it to another party.
>>> 				</p>
>>>         <p>
>>> 					A party <dfn>shares</dfn> data if the party enables another party to
>>> @@ -212,12 +212,18 @@
>>> 				</p>
>>> 				<p class="issue" data-number="16" title="What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.)"></p>
>>> 			</section>
>>> +			<section id="graduated-response">
>>> +				<h3>Graduated Response</h3>
>>> +				<p>
>>> +					A <dfn>graduated response</dfn> a methodology where the action taken is proportional to the size of the problem or risk that is trying to be mitigated. In the context of this document, the term is used to describe an increase in the collection of data about a user or transaction in response to a specific problem that a party has become aware of, such as an increase in fraudulent activity originating from a particular network or IP address range resulting in increased logging of data relating to transactions from that specific range of IP addresses as opposed to increased logging for all users in general.
>>> +				</p>
>>> +			</section>
>>> 	</section> <!-- end definitions -->
>>> 	<section id="user-agent-compliance">
>>>     <h3>User Agent Compliance</h3>
>>>       <p class="issue" data-number="205" title="user agent compliance requirements; connections to TPE"></p>
>>> 			<p>
>>> -				A user agent MUST offer users a minimum of two alternative choices for a Do Not Track preference: unset or DNT: 1. A user agent MAY offer a third alternative choice: DNT: 0.
>>> +				A user agent MUST offer users a minimum of two alternative choices for a Do Not Track general preference: unset or DNT: 1. A user agent MAY offer a third alternative choice: DNT: 0.
>>> 			</p>
>>> 			<p>
>>> 				If the user's choice is DNT:1 or DNT:0, the tracking preference is <dfn>enabled</dfn>; otherwise, the tracking preference is <dfn>not enabled</dfn>.
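Review bot: the new definition in the graduated-response section is missing its verb: "A <dfn>graduated response</dfn> a methodology where..." should read "A <dfn>graduated response</dfn> is a methodology in which...". While touching that line, "the problem or risk that is trying to be mitigated" reads better as "the problem or risk being mitigated", and the second sentence would be easier to follow if split at "such as".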
>>> @@ -239,7 +245,7 @@
>>> 					when DNT is enabled, some data may still be collected and used for certain purposes, and a description of such purposes; and
>>> 				</li>
>>> 				<li>
>>> -					if a user affirmatively allows a particular party to collect and use information about web viewing activities, enabling DNT will not limit collection and use from that party.
>>> +					if a user affirmatively allows a particular party to collect and use data about web viewing activities, enabling DNT will not limit collection and use from that party.
>>> 				</li>
>>> 			</ol>
>>> 			<p>
>>> @@ -256,16 +262,16 @@
>>>     <h3>First Party Compliance</h3>
>>>     <p>
>>>       If a first party receives a DNT:1 signal the first party MAY engage in its normal collection and
>>> -      use of information. This includes the ability to customize the content,
>>> +      use of data. This includes the ability to customize the content,
>>>       services, and advertising in the context of the first party experience.
>>>     </p>
>>>     <p>
>>> -      The first party MUST NOT pass information about this network interaction to
>>> +      The first party MUST NOT share data about this network interaction with
>>>       third parties who could not collect the data
>>> -      themselves under this standard. Information about the transaction MAY be passed on to service providers acting on behalf of the first party
>>> +      themselves under this recommendation. Data about the transaction MAY be shared with service providers acting on behalf of the first party.
>>>     </p>
>>> 		<p>
>>> -			First parties MAY elect to follow third party practices.
>>> +			A first party MAY elect to follow the rules defined here for third parties.
>>> 		</p>
>>> 		<p class="issue" data-number="170" title="Definition of and what/whether limitations around data append and first parties"></p>
>>> 	</section>
>>> @@ -276,23 +282,21 @@
>>>       If a third party receives a DNT: 1 signal, then:
>>>     </p>
>>>     <ol start="1">
>>> -      <li>the third party MUST NOT collect, retain, share, or use information
>>> +      <li>the third party MUST NOT collect, retain, share, or use data
>>>       related to the network interaction as part of which it received the DNT:
>>> -      1 signal outside of the permitted uses as defined within this standard
>>> +      1 signal outside of the permitted uses as defined within this recommendation
>>>       and any explicitly-granted exceptions provided in accordance with the
>>> -      requirements of this standard;</li>
>>> +      requirements of this recommendation;</li>
>>> 
>>> -      <li>the third party MUST NOT use information about previous network
>>> +      <li>the third party MUST NOT use data about previous network
>>>       interactions in which it was a third party, outside of the permitted
>>> -      uses as defined within this standard and any explicitly-granted
>>> +      uses as defined within this recommendation and any explicitly-granted
>>>       exceptions, provided in accordance with the requirements of this
>>> -      standard.</li>
>>> +      recommendation.</li>
>>>     </ol>
>>> 		<p>
>>> 			The third party MAY nevertheless collect, use, and retain such
>>> -      information for the set of permitted uses described below. Further,
>>> -      parties MAY collect, use, and retain such information in order to comply
>>> -      with applicable laws, regulations, and judicial processes.
>>> +      data for the set of permitted uses described below.
>>> 		</p>
>>> 		<p>
>>> 			Outside the permitted uses listed below, the third party MUST NOT
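Review bot: the two list items end up with inconsistent punctuation after this edit: item 1 reads "any explicitly-granted exceptions provided in accordance" while item 2 keeps "any explicitly-granted exceptions, provided in accordance"; pick one form for both. The deleted sentence about complying with "applicable laws, regulations, and judicial processes" only survives because the Legal Compliance section added further down in the same commit restates it for all parties, so the log message should mention the relocation rather than just "editorial changes".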
>>> @@ -315,8 +319,8 @@
>>> 		</p>
>>> 		<p>
>>> 			It is outside the scope of this specification to control short-term,
>>> -      transient collection and use of data, so long as the information is not
>>> -      transmitted to a third party and is not used to build a profile about a
>>> +      transient collection and use of data, so long as the data is not
>>> +      shared with a third party and is not used to build a profile about a
>>>       user or otherwise alter an individual user’s user experience outside the
>>>       current network interaction. For example, the contextual customization
>>>       of ads shown as part of the same network interaction is not restricted
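Review bot: verb agreement with "data" is inconsistent within this commit: this hunk writes "so long as the data is not shared", while the Tracking definition in the earlier hunk writes "data that are, or can be," and the frequency-capping text says "the data retained do not reveal". The summary says "data" serves as both singular and plural, but the verbs still need to be chosen consistently across the document; suggest "the data are not shared" here, or a deliberate singular everywhere.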
>>> @@ -412,7 +416,7 @@
>>>       <section id="frequency-capping">
>>>       <h4>Frequency Capping</h4>
>>> 			<p>
>>> -				Regardless of DNT signal, information MAY be collected, retained and used to limit
>>> +				Regardless of DNT signal, data MAY be collected, retained and used to limit
>>> 				the number of times that a user sees a particular advertisement, often called
>>> 				<dfn>frequency capping</dfn>, as long as the data retained do not reveal the user’s
>>> 				browsing history. Parties MUST NOT construct profiles of users or user behaviors based
>>> @@ -422,7 +426,7 @@
>>> 			<section id="financial-logging">
>>> 			<h4>Financial Logging</h4>
>>> 			<p>
>>> -				Regardless of DNT signal, information MAY be collected, retained and used for
>>> +				Regardless of DNT signal, data MAY be collected, retained and used for
>>> 				<dfn>billing and auditing</dfn> related to the current network interaction and
>>> 				concurrent transactions. This may include counting ad impressions to unique visitors,
>>> 				verifying positioning and quality of ad impressions and auditing compliance with this
>>> @@ -436,16 +440,20 @@
>>> 				fraudulent or malicious activity</dfn>, parties MAY collect, retain, and use data regardless
>>> 				of a DNT signal. This includes data reasonably necessary for enabling authentication/verification,
>>> 				detecting hostile and invalid transactions and attacks, providing fraud prevention, and maintaining
>>> -				system integrity. In the context of this specific permitted use, this information MAY be used to
>>> +				system integrity. In the context of this specific permitted use, this data MAY be used to
>>> 				alter the user's experience in order to reasonably keep a service secure or prevent fraud.
>>> 			</p>
>>> 			<p class="issue" data-number="24" title="Possible exemption for fraud detection and defense"></p>
>>> +  			<section id="security-graduated" class="informative">
>>> +  				<h4>Graduated Responses for Security</h4>
>>> +  				When feasible, a <a>graduated response</a> to a detected security incident is preferred over widespread data collection. An example would be recording all use from a given IP address range, regardless of DNT signal, if the party believes it is seeing a coordinated attack on its service (such as click fraud) from that IP address range. Similarly, if an attack shared some other identifiable fingerprint, such as a combination of user agent string and other protocol information, the party could retain logs on all transactions matching that fingerprint until it can be determined that they are not associated with such an attack or such retention is no longer necessary to support prosecution.
>>> +  			</section>
>>> 			</section>
>>> 			
>>> 			<section id="debugging">
>>> 			<h4>Debugging</h4>
>>> 			<p>
>>> -				Regardless of DNT signal, information MAY be collected, retained and used for
>>> +				Regardless of DNT signal, data MAY be collected, retained and used for
>>> 				<dfn>debugging purposes</dfn> to identify and repair errors that impair existing intended
>>> 				functionality.
>>> 			</p>
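Review bot: the new security-graduated section places its text directly inside the <section> without a wrapping <p>, unlike every other section in the file; wrap it in <p>...</p>. The added lines also mix leading spaces and tabs, and since this subsection is nested inside the security permitted-use section (itself an <h4>), check that the ReSpec heading levels render as intended. On the text itself, "until it can be determined that they are not associated with such an attack or such retention is no longer necessary to support prosecution" leaves the retention bound for unresolved logs open; a sentence on reviewing such logs within a reasonable period would make the data-minimization intent clearer.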
>>> @@ -470,14 +478,14 @@
>>>       from requests received with DNT: 0.
>>>     </p>
>>>     <p>
>>> -      The operator of a website may engage in practices otherwise proscribed
>>> -      by this standard if the user has given explicit and informed consent.
>>> +      A party may engage in practices otherwise proscribed
>>> +      by this recommendation if the user has given explicit and informed consent.
>>>       This consent may be obtained through the API defined in the
>>> -      companion [[!TRACKING-DNT]] document, or an operator of a website may
>>> +      companion [[!TRACKING-DNT]] document, or a party may
>>>       also obtain <dfn>out of band</dfn> consent to disregard a Do Not Track
>>> -      preference using a different technology. If an operator is relying on
>>> +      preference using a different technology. If a party is relying on
>>>       out of band consent to disregard a Do Not Track preference, the
>>> -      operator must indicate this consent to the user agent as described in
>>> +      party must indicate this consent to the user agent as described in
>>>       the companion [[!TRACKING-DNT]] document.
>>>     </p>
>>> </section>
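Review bot: the rewritten lines keep lowercase "may engage", "may also obtain" and "must indicate", whereas the rest of the document uses RFC 2119 keywords in uppercase (e.g. "A user agent MUST offer"); since these lines are being touched anyway, consider "MAY" and "MUST" here if they are meant as normative requirements, or leave them lowercase only if the paragraph is intentionally non-normative.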
>>> @@ -510,10 +518,16 @@
>>> 	<section>
>>> 		<h3>Unknowing Collection</h3>
>>> 		<p>
>>> -			If a party learns that it possesses information in violation of this standard, it MUST, where reasonably feasible, delete or de-identify that information at the earliest practical opportunity, even if it was previously unaware of such information practices despite reasonable efforts to understand its information practices.
>>> +			If a party learns that it possesses data in violation of this recommendation, it MUST, where reasonably feasible, delete or de-identify that data at the earliest practical opportunity, even if it was previously unaware of such information practices despite reasonable efforts to understand its information practices.
>>> 		</p>
>>> 		<p class="issue" data-number="208" title="Requirements on unknowing collection, retention and use"></p>
>>> 	</section>
>>> +	<section>
>>> +	  <h3>Legal Compliance</h3>
>>> +	  <p>
>>> +	    Notwithstanding anything in this recommendation, parties may collect, use, share, and retain data required to comply with applicable laws, regulations, and judicial processes.
>>> +	  </p>
>>> +	</section>
>>>   <section id="acknowledgements" class='appendix'>
>>>     <h1>Acknowledgements</h1>
>>>     <p>
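Review bot: the new Legal Compliance section uses lowercase "parties may collect" where the normative sections use MAY; decide whether this is a normative permission and capitalize accordingly. Both this section and the Unknowing Collection section above it lack an id attribute, so neither can be cross-referenced the way the permitted-use sections can (e.g. id="financial-logging"); suggest id="legal-compliance". Note also that this section broadens the allowance removed from the Third Party Compliance hunk from third parties to all parties, matching the "applies to all parties" wording in the summary of changes.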
> 

Received on Tuesday, 1 October 2013 05:23:23 UTC