CVS WWW/2011/tracking-protection/drafts

Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv27415

Modified Files:
	tracking-compliance.html 
Log Message:
at chairs' request, made updates to Compliance draft to harmonize definitions from WG decisions; also editorial changes, attempt to address issue-221

--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html	2014/01/27 01:55:34	1.109
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html	2014/04/09 02:54:32	1.110
@@ -146,21 +146,21 @@
       
       <section id="first-party">
       <h3>First Party</h3>
-			<p>
-				Within the context of a given user action, a <dfn>first party</dfn>
-				 is a party with which the user intends to interact, via one or more
-				 network interactions, as a result of making that action. Merely
-				 hovering over, muting, pausing, or closing a given piece of content
-				 does not constitute a user's intent to interact with another party.
-				 
-				 In some cases, a resource on the Web will be jointly controlled by
-				 two or more distinct parties. Each of those parties is considered a
-				 first party if a user would reasonably expect to communicate with all
-				 of them when accessing that resource. For example, prominent co-branding
-				 on the resource might lead a user to expect that multiple parties are
-				 responsible for the content or functionality.
-			</p>
-		<!--	<p class="issue" data-number="10" title="What is a first party?"></p> -->
+        <p>
+          With respect to a given user action, a <dfn>first party</dfn>
+          is a party with which the user intends to interact, via one or more
+          network interactions, as a result of making that action. Merely
+          hovering over, muting, pausing, or closing a given piece of content
+          does not constitute a user's intent to interact with another party.
+        </p>
+        <p>
+          In some cases, a resource on the Web will be jointly controlled by
+          two or more distinct parties. Each of those parties is considered a
+          first party if a user would reasonably expect to communicate with
+          all of them when accessing that resource. For example, prominent
+          co-branding on the resource might lead a user to expect that
+          multiple parties are responsible for the content or functionality.
+        </p>
 			</section>
 			
 			<section id="third-party">
@@ -196,30 +196,32 @@
 			<section id="tracking">
 				<h3>Tracking</h3>
 			<p>
-				<dfn>Tracking</dfn> is the collection of data regarding a particular user's activity
-				across multiple distinct contexts and the retention, use, or sharing of data derived
-				from that activity outside the context in which it occurred.
-			</p>
-	<!--		<p class="issue" data-number="5" title="What is the definition of tracking?"></p> -->
-			<p class="issue" data-number="119" title="Specify 'not tracking' or 'None'">This draft does not specify any separate definition for "not tracking".</p>
-			<p class="issue" data-number="240" title="Do we need to define context"></p>
+        <dfn>Tracking</dfn> is the collection of data regarding a particular
+        user's activity across multiple distinct contexts and the retention,
+        use, or sharing of data derived from that activity outside the
+        context in which it occurred.
+        A <dfn>context</dfn> is a set of resources that are controlled by
+        the same party or jointly controlled by a set of parties.
+			</p>
 			</section>
 			<section id="collection">
 				<h3>Collect, Use, Share, Facilitate</h3>
-        <p id="def-collection">
-					A party <dfn>collects</dfn> data received in a network interaction if that data
-					remains within the party’s control after the network interaction is complete.<br><br>
-					
-					A party <dfn>uses</dfn> data if the party processes the data for any purpose
-					other than storage or merely forwarding it to another party.<br><br>
-					
-					A party <dfn>shares</dfn> data if it transfers or provides a copy of data to
-					any other party.<br><br>
-					
-					A party <dfn>facilitates</dfn> any other party’s collection of data if it enables
+					<p>
+            A party <dfn>collects</dfn> data received in a network interaction if that data
+  					remains within the party’s control after the network interaction is complete.
+          </p>
+					<p>
+  					A party <dfn>uses</dfn> data if the party processes the data for any purpose
+  					other than storage or merely forwarding it to another party.
+          </p>
+					<p>
+  					A party <dfn>shares</dfn> data if it transfers or provides a copy of data to
+  					any other party.
+          </p>
+					<p>
+					  A party <dfn>facilitates</dfn> any other party’s collection of data if it enables
 					such party to collect data and engage in tracking.
-				</p>
-				<!-- <p class="issue" data-number="16" title="What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.)"></p> -->
+          </p>
 			</section>
 			<section id="graduated-response">
 				<h3>Graduated Response</h3>
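Review bot: the replacement for `<p id="def-collection">` drops the `def-collection` id, and none of the four new `<p>` elements in the Collect, Use, Share, Facilitate section carries it, so any existing fragment link to `#def-collection` will stop resolving. Keep the id on the first new paragraph (the "collects" definition) or confirm that nothing references it. The same hunk removes the issue-119 and issue-240 markers, while the log message names only issue-221; it would help to record which WG decisions close them.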
@@ -237,6 +239,7 @@
 	<section id="user-agent-compliance">
     <h3>User Agent Compliance</h3>
       <p class="issue" data-number="205" title="user agent compliance requirements; connections to TPE"></p>
+      <p class="note">Much of this is duplicative of requirements in the [[TRACKING-DNT]] specification. Can we harmonize the two? For example: by removing this section and just including a normative reference and a summary of the requirements; or by reducing this section to any requirements beyond those in [[TRACKING-DNT]].</p>
 			<p>
 				A user agent MUST offer users a minimum of two alternative choices for a Do Not Track general preference: unset or DNT: 1. A user agent MAY offer a third alternative choice: DNT: 0.
 			</p>
@@ -276,61 +279,49 @@
   <section id="first-party-compliance">
     <h3>First Party Compliance</h3>
     <p>
-      If a first party receives a DNT:1 signal the first party MAY engage in its normal collection and
-      use of data. This includes the ability to customize the content,
-      services, and advertising in the context of the first party experience.
+      With respect to a given user action, a first party to that action which receives a <code>DNT:1</code> signal MAY collect and use data received from those network interactions. This includes customizing content, services and advertising with respect to those user actions.
     </p>
     <p>
-      The first party MUST NOT share data about this network interaction with
-      third parties who could not collect the data
-      themselves under this recommendation. Data about the interaction MAY be shared with service providers acting on behalf of the first party.
+      A first party to a given user action MUST NOT share data about those network interactions with third parties to that action who are prohibited from collecting data from those network interactions under this recommendation. Data about the interaction MAY be shared withh service providers acting on behalf of the first party.
     </p>
 		<p>
-			A first party MAY elect to follow the rules defined here for third parties.
+			A first party to a given user action MAY elect to follow the rules defined under this recommendation for third parties.
 		</p>
+    <p class="note">Given WG decision on ISSUE-241, how should a first party to an action indicate to the user that it is electing to follow third-party rules? Should we suggest using "N" or some other tracking status code?</p>
 		<p class="issue" data-number="170" title="Definition of and what/whether limitations around data append and first parties"></p>
 	</section>
   <section id="third-party-compliance">
     <h3>Third Party Compliance</h3>
     <p class="issue" data-number="203" title="Use of 'tracking' in third-party compliance"></p>
     <p>
-      If a third party receives a DNT: 1 signal, then:
+      When a third party to a given user action receives a <code>DNT:1</code> signal in a related network interaction:
     </p>
     <ol start="1">
-      <li>the third party MUST NOT collect, retain, share, or use data
-      related to the network interaction as part of which it received the DNT:
-      1 signal outside of the permitted uses as defined within this recommendation
-      and any explicitly-granted exceptions provided in accordance with the
-      requirements of this recommendation;</li>
-
-      <li>the third party MUST NOT use data about previous network
-      interactions in which it was a third party, outside of the permitted
-      uses as defined within this recommendation and any explicitly-granted
-      exceptions, provided in accordance with the requirements of this
-      recommendation.</li>
+      <li>that party MUST NOT collect, share, or use data
+      related to that interaction;</li>
+      <li>that party MUST NOT use data about previous network
+      interactions in which it was a third party.</li>
     </ol>
 		<p>
-			The third party MAY nevertheless collect, use, and retain such
-      data for the set of permitted uses described below.
-		</p>
+			A third party to a given user action MAY nevertheless collect and use such
+      data when:
+    </p>
+    <ol start="1">
+      <li>a user has explicitly-granted an exception, as described below;</li>
+      <li>data is collected for the set of permitted uses described below;</li>
+      <li>or, the data is de-identified as defined in this recommendation.</li>
+		</ol>
 		<p>
-			Outside the permitted uses listed below, the third party MUST NOT
-      collect, retain, share, or associate with the network interaction
-      identifiers that identify the specific user, user agent, or device. For
-      example, a third party that does not require unique user identifiers for
-      one of the permitted uses must not place a unique identifier in cookies
+			Outside the permitted uses and explicitly-granted exceptions listed below, 
+      a third party to a given user action MUST collect, share, or associate with related
+      network interactions any identifiers that identify a specific user, user agent, or device. 
+      For example, a third party that does not require unique user identifiers for
+      one of the permitted uses MUST NOT place a unique identifier in cookies
       or other browser-based local storage mechanisms.
 		</p>
 		<p>
-			Third parties that disregard a DNT signal MUST signal so to the user
-      agent, using the response mechanism defined in the [[!TRACKING-DNT]]
-      specification.
-		</p>
-		<p>
-			When a third party receives a DNT:1 signal, that third party MAY
-      nevertheless collect, retain, share or use data related to that network
-      interaction if the data is de-identified as defined in this
-      specification.
+			A third party to a given user action that disregards a DNT signal MUST indicate so to the user
+      agent, using the response mechanism defined in the [[!TRACKING-DNT]] recommendation.
 		</p>
 		<p>
 			It is outside the scope of this specification to control short-term,
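Review bot: in the paragraph beginning "Outside the permitted uses and explicitly-granted exceptions listed below", the new text reads "a third party to a given user action MUST collect, share, or associate with related network interactions any identifiers", where the removed text said "MUST NOT collect, retain, share, or associate". The dropped NOT inverts the requirement and contradicts the example that follows it ("MUST NOT place a unique identifier in cookies"); restore "MUST NOT". Two smaller fixes in this hunk: "withh service providers" should be "with", and "a user has explicitly-granted an exception" does not need the hyphen.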
@@ -339,34 +330,33 @@
       user or otherwise alter an individual user’s user experience outside the
       current network interaction. For example, the contextual customization
       of ads shown as part of the same network interaction is not restricted
-      by DNT: 1.
+      by a <code>DNT:1</code> signal.
 		</p>
 		<p class="issue" data-number="134" title="Would we additionally permit logs that are retained for a short enough period?"></p>
 		<p class="issue" data-number="204" title="Definitions of collection / retention and transience / network interaction"></p>
-		<p>
-			It is outside the scope of this specification to control the collection
-      and use of de-identified data.
-    </p>
-      <section id="geolocation">
-      <h3>Third Party Geolocation Compliance</h3>
-    	<p>
-				If a third party is part of a network interaction with a DNT: 1 signal, then geolocation data MUST NOT
-				be used in that interaction at any level more granular than postal code, unless specific consent has been
-				granted for the use of more granular location data.
-			</p>
-			<p class="issue" data-number="202" title="Limitations on geolocation by third parties"></p>
-		</section>
+
+      <section id="geolocation"> 
+        <h3>Third Party Geolocation Compliance</h3>
+        <p> 				
+          If a third party to a given user action receives a
+          <code>DNT:1</code> signal in a related network interaction, then that
+          party MUST NOT use geolocation data in that interaction at any level more
+          granular than postal code, unless specific consent has been granted
+          for the use of more granular location data. 			
+        </p> 			
+        <p class="issue" data-number="202" title="Limitations on geolocation by third parties"></p>
+      </section>
 		
-		<section id="permitted-use-requirements">
+  		<section id="permitted-use-requirements">
         <h4>General Principles for Permitted Uses</h4>
 
         <p>
-					Some collection, retention and use of data is permitted,
-          notwithstanding DNT: 1, as enumerated below. Different permitted
+					Some collection and use of data by third parties to a given user action is permitted,
+          notwithstanding receipt of <code>DNT:1</code> in a network interaction, as enumerated below. 
+          Different permitted
           uses may differ in their permitted items of data collection,
-          retention times, and consequences. In all cases, collection,
-          retention, and use of data must be reasonably necessary and
-          proportionate to achieve the purpose for which it is specifically
+          retention times, and consequences. In all cases, collection and use of data must be reasonably 
+          necessary and proportionate to achieve the purpose for which it is specifically
           permitted; unreasonable or disproportionate collection, retention,
           or use are not “permitted uses”.
 				</p>
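Review bot: the General Principles paragraph now says "collection and use of data" in its first and third sentences, but the unchanged tail still reads "unreasonable or disproportionate collection, retention, or use" and the middle sentence still lists "retention times", so one paragraph uses two vocabularies. Decide whether retention is folded into collection here and make the closing clause match. Separately, the removed sentence "It is outside the scope of this specification to control the collection and use of de-identified data" has no replacement in this hunk; if the de-identified item added to the third-party list is meant to cover it, say so in the log message. The new geolocation lines also introduce trailing whitespace.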
@@ -374,7 +364,7 @@
         <section id="no-secondary-uses">
           <h5>No Secondary Uses</h5>
           <p>
-            Third Parties MUST NOT use data retained for permitted uses for
+            A party MUST NOT use data collected for permitted uses for
             purposes other than the permitted uses for which each datum was
             permitted to be collected.
           </p>
@@ -383,29 +373,30 @@
         <section id="data-minimization-and-transparency">
           <h5>Data Minimization, Retention and Transparency</h5>
           <p>
-              Data retained by a party for permitted uses MUST be limited to
-              the data reasonably necessary for such permitted uses. Such data
-              MUST NOT be retained any longer than is proportionate to and
-              reasonably necessary for such permitted uses.
+            Data collected by a party for permitted uses MUST be limited to
+            the data reasonably necessary for such permitted uses. Such data
+            MUST NOT be retained any longer than is proportionate to and
+            reasonably necessary for such permitted uses.
 					</p>
 					<p>
-						Third parties MUST provide public transparency of the time periods
+						A party MUST provide public transparency of the time periods
             for which data collected for permitted uses are retained. The
-            third party MAY enumerate different retention periods for
+            party MAY enumerate different retention periods for
             different permitted uses. Data MUST NOT be used for a permitted
             use once the data retention period for that permitted use has
             expired. After there are no remaining permitted uses for given
             data, the data MUST be deleted or de-identified.
 					</p>
 					<p>
-						Third parties MUST make reasonable data minimization efforts to ensure that only the data necessary for the permitted use is retained, and MUST NOT rely on unique identifiers for users or devices if alternative solutions are reasonably available.
+						A party that collects data for a permitted use MUST make reasonable data minimization efforts to ensure that only the data necessary for the permitted use is retained, and MUST NOT rely on unique identifiers if alternative solutions are reasonably available.
 					</p>
 					<p class="issue" data-number="199" title="Limitations on the use of unique identifiers"></p>
+          <p class="issue" data-number="233" title="Data Minimization, Retention and Transparency">Should we use "minimized" rather than "limited" in this section?</p>
         </section>
         <section id="no-personalization">
           <h5>No Personalization</h5>
           <p>
-            Data retained for permitted uses MUST NOT be used to alter a
+            A party that collects data for a permitted use MUST NOT use that data to alter a
             specific user's online experience based on multi-site activity,
             except as specifically permitted below.
           </p>
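Review bot: the last changed paragraph of the Data Minimization section shortens "MUST NOT rely on unique identifiers for users or devices" to "MUST NOT rely on unique identifiers", which widens the prohibition to any unique identifier rather than those tied to a user or device. If that is not a WG decision, keep the qualifier; the third-party compliance text in this same revision still speaks of identifiers that "identify a specific user, user agent, or device". The subject of these requirements also changes from "Third parties" to "A party" throughout this hunk; confirm that extending them beyond third parties is intended.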
@@ -413,12 +404,12 @@
         <section id="reasonable-security">
           <h5>Reasonable Security</h5>
           <p>
-            Third parties MUST use reasonable technical and organizational
+            A party that collects data for a permitted use MUST use reasonable technical and organizational
             safeguards to prevent further processing of data retained for
             permitted uses. While physical separation of data maintained for
             permitted uses is not required, best practices SHOULD be in place
             to ensure technical controls ensure access limitations and
-            information security. Third parties SHOULD ensure that the access
+            information security. That party SHOULD ensure that the access
             and use of data retained for permitted uses is auditable.
           </p>
         </section>
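Review bot: the subject is now "A party that collects data for a permitted use", but both sentences still refer to "data retained for permitted uses" (in "prevent further processing of data retained for permitted uses" and in "access and use of data retained for permitted uses is auditable"). Other hunks in this revision change "retained" to "collected" in the same phrase; align these two occurrences or note why retention is specifically meant here.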
@@ -431,17 +422,17 @@
       <section id="frequency-capping">
       <h4>Frequency Capping</h4>
 			<p>
-				Regardless of DNT signal, data MAY be collected, retained and used to limit
+				Regardless of the tracking preference expressed, data MAY be collected, retained and used to limit
 				the number of times that a user sees a particular advertisement, often called
 				<dfn>frequency capping</dfn>, as long as the data retained do not reveal the user’s
-				browsing history. Parties MUST NOT construct profiles of users or user behaviors based
+				browsing history. A party MUST NOT construct profiles of users or user behaviors based
 				on their ad frequency history, or otherwise alter the user’s experience.
 			</p></section>
 			
 			<section id="financial-logging">
 			<h4>Financial Logging</h4>
 			<p>
-				Regardless of DNT signal, data MAY be collected, retained and used for
+				Regardless of the tracking preference expressed, data MAY be collected and used for
 				<dfn>billing and auditing</dfn> related to the current network interaction and
 				concurrent transactions. This may include counting ad impressions to unique visitors,
 				verifying positioning and quality of ad impressions and auditing compliance with this
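Review bot: Frequency Capping keeps "data MAY be collected, retained and used" while Financial Logging, in the same hunk, is changed to "data MAY be collected and used". If dropping "retained" reflects the harmonized definition of collection, apply it to both permitted uses; if frequency capping deliberately keeps it, a sentence saying so would stop readers from inferring a difference in what may be retained.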
@@ -450,8 +441,8 @@
 			
 			<section id="security">
 			<h4>Security</h4>
-			<p>Regardless of the tracking preference expressed, data MAY be collected,
-			 retained, and used to the extent reasonably necessary to detect security
+			<p>Regardless of the tracking preference expressed, data MAY be collected
+			 and used to the extent reasonably necessary to detect security
 			 incidents, protect the service against malicious, deceptive, fraudulent,
 			 or illegal activity, and prosecute those responsible for such activity,
 			 provided that such data is not used for operational behavior 
@@ -474,7 +465,7 @@
 			<section id="debugging">
 			<h4>Debugging</h4>
 			<p>
-				Regardless of DNT signal, data MAY be collected, retained and used for
+				Regardless of the tracking preference expressed, data MAY be collected, retained and used for
 				<dfn>debugging purposes</dfn> to identify and repair errors that impair existing intended
 				functionality.
 			</p>
@@ -491,22 +482,22 @@
   <section id="user-granted-exceptions">
     <h2>User-Granted Exceptions</h2>
     <p>
-      When a user sends a DNT: 0 signal, the user is expressing a preference
+      When a user sends a <code>DNT:0</code> signal, the user is expressing a preference
       for a personalized experience. This signal indicates explicit consent
       for data collection, retention, processing, disclosure, and use by the
       recipient of this signal to provide a personalized experience for the
       user. This recommendation places no restrictions on data collected
-      from requests received with DNT: 0.
+      from requests received with <code>DNT:0</code>.
     </p>
     <p>
-      A party may engage in practices otherwise proscribed
+      A party MAY engage in practices otherwise proscribed
       by this recommendation if the user has given explicit and informed consent.
-      This consent may be obtained through the API defined in the
-      companion [[!TRACKING-DNT]] document, or a party may
-      also obtain <dfn>out of band</dfn> consent to disregard a Do Not Track
+      This consent MAY be obtained through the API defined in the
+      companion [[!TRACKING-DNT]] document, or a party MAY
+      obtain <dfn>out of band</dfn> consent to disregard a Do Not Track
       preference using a different technology. If a party is relying on
       out of band consent to disregard a Do Not Track preference, the
-      party must indicate this consent to the user agent as described in
+      party MUST indicate this consent to the user agent as described in
       the companion [[!TRACKING-DNT]] document.
     </p>
 </section>
@@ -546,7 +537,7 @@
 	<section>
 	  <h3>Legal Compliance</h3>
 	  <p>
-	    Notwithstanding anything in this recommendation, parties MAY collect, use, share, and retain data required to comply with applicable laws, regulations, and judicial processes.
+	    Notwithstanding anything in this recommendation, a party MAY collect, use, and share data required to comply with applicable laws, regulations, and judicial processes.
 	  </p>
 	</section>
   <section id="acknowledgements" class='appendix'>

Received on Wednesday, 9 April 2014 02:54:34 UTC