Re: [meetings] Agenda Request - Review Working Group Charter Changes (#52) from Aram Zucker-Scharff via GitHub on 2022-06-27 (public-patcg@w3.org from June 2022)

From: Aram Zucker-Scharff via GitHub <sysbot+gh@w3.org>
Date: Mon, 27 Jun 2022 17:23:21 +0000
To: public-patcg@w3.org
Message-ID: <issue_comment.created-1167643492-1656350599-sysbot+gh@w3.org>

Since @joshuakoran is a new participant in this thread I wanted to quickly make some comments to focus on his input: 

> The Charter could be improved by ensuring not all B2B processing for digital advertising must be exclusively bundled within user agent consumer software
> a. Charter: “Ways in which new features might enable inappropriate processing include (but are not limited to) enabling of [cross-site or cross context recognition](https://w3ctag.github.io/privacy-principles/#hl-recognition-cross-site) of users or enabling [same-site or same-context recognition](https://w3ctag.github.io/privacy-principles/#hl-recognition-same-site) of users across the clearing of state.”
> b. “Inappropriate” processing should indeed be the focus, rather than which organization is doing such inappropriate processing, as the above quote implies. So long as the recipient system that appropriately processes data (such as this data poses low privacy risks to individuals), there should be alternate mechanisms for web authors and media owners to work with partners of their choice, rather than relying exclusively on user agents for such processing.

Inappropriate is indeed the focus. I'm unclear on your objection here. This does not require or suggest that there is an exclusive reliance on user agents. That said, this is a W3C group so any standards we write are intended to be implemented by user agents and this limits our capacity to discuss proposals that exist entirely outside of the scope of user agent APIs. 

> If a user agent (or operating system) is to responsibly process cross-site or cross context information for digital advertising (such as frequency capping and attribution), it would be useful to ensure how such processing is improving end user privacy [...]
> c. The Charter could be improved by clarifying how other entities can rely on similar mechanisms as contemplated by user agents or operating systems to reduce the risk to specific individuals associated with the collection and processing of personal data.

The Charter is intended to establish the work mode, process, and scope of proposals considered. It's not the role of a charter to provide informational instruction on how particular user agents or OSs work, though we would invite fact sheets and documents on those topics in the WG or CG. 

With these responses in mind, if you agree with my points here, I think that addresses any objections to the charter remaining from Criteo? @joshuakoran please let me know if this has clarified the issue and dealt with the objections you've stated. 

-- 
GitHub Notification of comment by AramZS
Please view or discuss this issue at https://github.com/patcg/meetings/issues/52#issuecomment-1167643492 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 27 June 2022 17:23:23 UTC