- From: CVS User jbrookma <cvsmail@w3.org>
- Date: Thu, 16 Jan 2014 22:10:51 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv4463/WWW/2011/tracking-protection/drafts
Modified Files:
tracking-compliance.html
Log Message:
definitional changes based on CfOs
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2013/11/07 03:31:35 1.107
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-compliance.html 2014/01/16 22:10:51 1.108
@@ -57,8 +57,11 @@
<section id="scope-and-goals">
<h2>Scope</h2>
- <p>Do Not Track is designed to provide users with a simple preference expression mechanism to allow or limit online tracking globally or selectively.</p>
- <p>The specification applies to compliance with requests through user agents that (1) can access the general browsable Web; (2) have a user interface that satisfies the requirements in <a href="http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#determining">Determining User Preference</a> in the [[!TRACKING-DNT]] specification; (3) and can implement all of the [[!TRACKING-DNT]] specification, including the mechanisms for communicating a tracking status, and the user-granted exception mechanism.</p>
+ <p>Do Not Track is designed to provide users with a simple preference expression
+ mechanism to allow or limit online tracking globally or selectively.</p>
+ <p>The specification applies to compliance with requests through user agents
+ that (1) can access the general browsable Web; (2) have a user interface that
+ satisfies the requirements in <a href="http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#determining">Determining User Preference</a> in the [[!TRACKING-DNT]] specification; (3) and can implement all of the [[!TRACKING-DNT]] specification, including the mechanisms for communicating a tracking status, and the user-granted exception mechanism.</p>
<p class="issue" data-number="209" title="Description of scope of specification"></p>
</section>
@@ -86,25 +89,41 @@
<section id="network-transaction">
<h3>Network Transaction</h3>
<p>
- A <dfn>network interaction</dfn> is the set of HTTP requests and
- responses, or any other sequence of logically related network traffic
- caused by a user visit to a single web page or similar single action.
- Page re-loads, navigation, and refreshing of content cause a new
- network interaction to commence.
+ A <dfn>network interaction</dfn> is a single HTTP request and its
+ corresponding response(s): zero or more interim (1xx) responses and
+ a single final (2xx-5xx) response.
</p></section>
+ <section id="user-action">
+ <h3>User Action</h3>
+ <p>
+ A <dfn>user action</dfn> is a deliberate action by the user, via
+ configuration, invocation, or selection, to initiate a network
+ interaction. Selection of a link, submission of a form, and reloading
+ a page are examples of user actions.
+ </p></section>
+
+ <section id="subrequest">
+ <h3>Subrequest</h3>
+ <p>
+ A <dfn>subrequest</dfn> is any network interaction that is not directly
+ initiated by user action. For example, an initial response in a hypermedia
+ format that contains embedded references to stylesheets, images, frame
+ sources, and onload actions will cause a browser, depending on its
+ capabilities and configuration, to perform a corresponding set of automated
+ subrequests to fetch those references using additional network interactions.
+ </p></section>
+
<section id="party">
<h3>Party</h3>
<p>
- A <dfn>party</dfn> is any commercial, nonprofit, or governmental
- organization, a subsidiary or unit of such an organization, or a
- person. For unique corporate entities to qualify as a common party
- with respect to this document, those entities MUST be commonly owned
- and commonly controlled and MUST provide easy discoverability of
- affiliate organizations. A list of affiliates MUST be available
- through a single user interaction from each page, for example, by
- following a single link, or through a single click.
- </p></section>
+ A <dfn>party</dfn> is a natural person, a legal entity, or a set
+ of legal entities that share common owner(s), common controller(s),
+ and a group identity that is easily discoverable by a user. Common
+ branding or providing a list of affiliates that is available via a
+ link from a resource where a party describes DNT practices are examples
+ of ways to provide this discoverability.
+ </p></section>
<section id="service-provider">
<h3>Service Provider</h3>
@@ -128,45 +147,29 @@
<section id="first-party">
<h3>First Party</h3>
<p>
- In the context of a specific network interaction, the <dfn>first
- party</dfn> is the party with which the user intentionally interacts.
- In most cases on a traditional web browser, the first party will be
- the party that owns and operates the domain visible in the address
- bar.
- </p>
- <p>
- The party that owns and operates or has control over a branded or
- labeled embedded widget, search box, or similar service with which a
- user intentionally interacts is also considered a first party. If a
- user merely mouses over, closes, or mutes such content, that is not
- sufficient interaction to render the party a first party.
- </p>
- <p id="multiple-first-parties">
- In most network interactions, there will be only one first party with
- which the user intends to interact. However, in some cases, a resource
- on the Web will be jointly operated by two or more parties, and a user
- would reasonably expect to communicate with all of them by accessing
- that resource. User understanding that multiple parties operate a
- particular resource can, for example, be accomplished through
- inclusion of multiple parties' brands in a domain name, or prominent
- branding on the resource indicating that multiple parties are
- responsible for content or functionality on the resource with which a
- user reasonably would expect to interact by accessing the resource.
- Simple branding of a party, without more, will not be sufficient to
- make that party a first party in any particular network interaction.
+ Within the context of a given user action, a <dfn>first party</dfn>
+ is a party with which the user intends to interact, via one or more
+ network interactions, as a result of making that action. Merely
+ hovering over, muting, pausing, or closing a given piece of content
+ does not constitute a user's intent to interact with another party.
+
+ In some cases, a resource on the Web will be jointly controlled by
+ two or more distinct parties. Each of those parties is considered a
+ first party if a user would reasonably expect to communicate with all
+ of them when accessing that resource. For example, prominent co-branding
+ on the resource might lead a user to expect that multiple parties are
+ responsible for the content or functionality.
</p>
- <p class="issue" data-number="10" title="What is a first party?"></p>
+ <!-- <p class="issue" data-number="10" title="What is a first party?"></p> -->
</section>
<section id="third-party">
<h3>Third Party</h3>
<p>
- A <dfn>third party</dfn> is any party other than a first party,
- service provider, or the user.
- </p>
- <p>
- Whether a party is a first or third party is determined within and
- limited to a specific network interaction.
+ For any data collected as a result of one or more network interactions
+ resulting from a user's action, a <dfn>third party</dfn> is any party
+ other than that user, a first party for that user action, or a service
+ provider acting on behalf of either that user or that first party.
</p></section>
<section id="deidentified">
@@ -193,33 +196,30 @@
<section id="tracking">
<h3>Tracking</h3>
<p>
- <dfn>Tracking</dfn> is the retention or use, after a network
- interaction is complete, of data that are, or can be,
- associated with a specific user, user agent, or device.
+ <dfn>Tracking</dfn> is the collection of data regarding a particular user's activity
+ across multiple distinct contexts and the retention, use, or sharing of data derived
+ from that activity outside the context in which it occurred.
</p>
- <p class="issue" data-number="5" title="What is the definition of tracking?"></p>
+ <!-- <p class="issue" data-number="5" title="What is the definition of tracking?"></p> -->
<p class="issue" data-number="119" title="Specify 'not tracking' or 'None'">This draft does not specify any separate definition for "not tracking".</p>
+ <p class="issue" data-number="240" title="Do we need to define context"></p>
</section>
<section id="collection">
- <h3>Collect, Retain, Use, Share</h3>
+ <h3>Collect, Use, Share, Facilitate</h3>
<p id="def-collection">
- A party <dfn>collects</dfn> data if it receives the data and either shares
- the data with other parties or stores the data for more than a
- transient period.
- </p>
- <p>
- A party <dfn>retains</dfn> data if data remains within a party's
- control beyond the scope of the current network interaction.
- </p>
- <p>
- A party <dfn>uses</dfn> data if the party processes the data for any
- purpose other than either storage or merely forwarding it to another party.
- </p>
- <p>
- A party <dfn>shares</dfn> data if the party enables another party to
- receive or access that data.
+ A party <dfn>collects</dfn> data received in a network interaction if that data
+ remains within the party’s control after the network interaction is complete.<br><br>
+
+ A party <dfn>uses</dfn> data if the party processes the data for any purpose
+ other than storage or merely forwarding it to another party.<br><br>
+
+ A party <dfn>shares</dfn> data if it transfers or provides a copy of data to
+ any other party.<br><br>
+
+ A party <dfn>facilitates</dfn> any other party’s collection of data if it enables
+ such party to collect data and engage in tracking.
</p>
- <p class="issue" data-number="16" title="What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.)"></p>
+ <!-- <p class="issue" data-number="16" title="What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.)"></p> -->
</section>
<section id="graduated-response">
<h3>Graduated Response</h3>
Received on Thursday, 16 January 2014 22:10:52 UTC