- From: David Wainberg <dwainberg@appnexus.com>
- Date: Thu, 3 Oct 2013 09:34:37 -0400
- To: Rob Sherman <robsherman@fb.com>
- CC: Tracking Protection Working Group <public-tracking@w3.org>
- Message-ID: <524D726D.1010006@appnexus.com>
Hi Rob,
On 2013-10-02 11:08 PM, Rob Sherman wrote:
> but my point is that it's not good
> policy to make a general assumption that it's never expected to use data
> across multiple sites and to limit functionality on the basis of that
> assumption.
I think I agree about the possibilities of use of data from a first
party context in a third party context. But there would have to be
limitations, since, as you point out, not every case is acceptable.
>
> More broadly, this proposal is at odds with one of the basic goals that
> I've heard articulated by many in this group: that DNT should, subject to
> permitted uses, consent, legal compliance, etc., operate to prevent
> retention of identifiable browsing history across websites by third
> parties.
I would restate this slightly: The concern is about /collection or
use////in a third party context/. It's confusing to talk about parties,
since parties can be either first or third. There are not clearly
delineated species of companies. It's the context that matters. Using
context, it becomes so much easier to define the rules according to the
contexts, in a very understandable way. Using your point above to
illustrate -- just as an example -- we could define a rule for data that
is collected in a first party context and used in a third party context:
| Collection | Use | Rules |
+------------------------------------------------------------------------------------+
| 1st | 3rd | data may be used by the party (or by its service
provider)
| on its own behalf to provide a service or
information to a user |
-David
>
Received on Thursday, 3 October 2013 13:35:13 UTC