W3C home > Mailing lists > Public > public-tracking@w3.org > December 2011

Re: [ISSUE-5] What is the definition of tracking?

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Sun, 11 Dec 2011 02:56:48 +0100
To: Kevin Smith <kevsmith@adobe.com>
Cc: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <6el7e717sdph7s6m9dkm143ihmetmnbmcf@hive.bjoern.hoehrmann.de>
* Kevin Smith wrote:
>I would like to revisit a previously and hotly debated subject.  It has
>been brought up and shelved many times, but I believe it is still the
>core stumbling block to our efforts to progress.

The problem is that the Working Group has so far failed to formulate its
goals. You can look at competing definitions for dnt-relevant tracking,
but you can't say one or the other is more suited to address the problem
the Working Group seeks to address as the problem remains unclear. Your
mail looks at what the goals are, but you do this by talking about the
definition of tracking. I think it's problematic to decide on the goals
by proxy through the definition of dnt-relevant tracking.

>Do Not Cross Track (DNXT henceforth) = Do not share or track data across
>unaffiliated non-commonly branded sites - again with possible
>exceptions.  In this case, exceptions would be much simpler as this
>would apply equally to both 1st and 3rd parties as neither are allowed
>to cross track - all exceptions would be true exceptions to when cross
>tracking is permissible)

Some months ago I suggested on the www-tag mailing list that it might be
easier to start the discussion with a Las Vegas definition: what you do
in one place stays there and will never be associated with what you do
in another place. That is something where I could evaluate a scenario in
some vaguely intuitive manner as it lacks the various technicalities in
your definition, but it's also rather far removed from people's worries.

>The confusion I see in almost every thread is that we *all* say DNT when 
>*most* of us mean DNXT.  In fact, we actually start with DNT but then 
>via an extensive use of increasingly complicated exceptions we change 
>the definition of DNT to mean DNXT and not refer to DNT at all.  This 
>adds a great deal of complexity to all of our decisions.  It's no wonder 
>that new participants and media alike are so confused by much of the 
>existing conversations.  I believe this discrepancy complicates nearly 
>every issue and is the source of many of the cyclical arguments that 
>seem to constantly bog us down.

If the Working Group actually formulated its goals, it would likely turn
out that there are various conflicts, and perhaps tradeoffs need to be
made, say having some exception might make dnt-compliance less meaning-
ful, but might make it easier to adopt it, so on the whole it might be a
win with respect to the group's goals, but the goals being unclear, such
arguments are largely absent so far.

>The possible privacy concern occurs if that weather widget which is 
>embedded in many different sites connects the data it records to a 
>non-siloed visitor id and uses the data collected across those sites to 
>create a profile tracking individual's surfing patterns, user interests, 
>etc.  Hence, the concern is not whether they are a 1st or 3rd party or 
>even whether they are tracking, but rather whether they are using data 
>outside of the context in which it was collected and connecting data 
>from multiple contexts to a single user.

Privacy concerns start long before somebody does something.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Sunday, 11 December 2011 01:57:26 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:42 UTC