- From: Sean Harvey <sharvey@google.com>
- Date: Tue, 29 Nov 2011 11:09:34 -0500
- To: Jeffrey Chester <jeff@democraticmedia.org>
- Cc: JC Cannon <jccannon@microsoft.com>, John Simpson <john@consumerwatchdog.org>, "<public-tracking@w3.org> (public-tracking@w3.org)" <public-tracking@w3.org>
- Message-ID: <CAFy-vucsNx-vx6F32b_6b_Eihon-Cd5kZdqm_TbA03Bp6u+=pw@mail.gmail.com>
Hi Jeff, On the point below I think you are expressing the majority opinion of the group, and that everyone is largely saying the same thing. If anyone disagrees, please speak up because this is I think the understanding the editors were under based on all of the previous discussions on the email chains and the in-person meetings. My current understanding based on the dialogue we've had thus far is that first parties are not allowed to pass DNT-on user info to a third party data provider, or leverage third party data in the customization of the ad unit for a DNT-on user. The key point is that "third party" is not limited to the "third party" that the browser sees, e.g. a third party domain relative to the web page's base URL. And in fact in some cases a "third party" may be a first party, i.e. a Facebook like button after it has been clicked/"liked". Given the extensive conversation we've had on this topic to date, I do believe this is everyone's understanding already. Please speak up if I am mistaken. With respect to Mr. Simpson's statement, I do not believe that this has been the understanding of the group to date. For example, if I as a voracious nytimes.com reader have DNT on, the consensus to date of the group had been prior to Mr. Simpson's email been that the New York Times can still know who I am, but that they cannot pass this information on to third party advertising/data partners, and that those who advertise on the New York Times are not allowed to collect my user data. I'm not suggesting we can't re-open this conversation, merely stating the status of the conversations of this committee to date. sean On Tue, Nov 29, 2011 at 9:50 AM, Jeffrey Chester <jeff@democraticmedia.org>wrote: > If a DNT system is to work, it must address how first party sites > incorporate third party data and also use ad exchanges. If a user has said > they do not want to be tracked via a third party data service, such as > eXelate, BlueKai or Experian (for example) then such user data should not > be automatically imported or used by the First party site. Sites > increasingly mix in-house data with third party targeting data. A user > should have reasonable control of this process under DNT. > > > > Jeffrey Chester > Center for Digital Democracy > 1621 Connecticut Ave, NW, Suite 550 > Washington, DC 20009 > www.democraticmedia.org > > On Nov 28, 2011, at 7:59 PM, JC Cannon wrote: > > John,**** > ** ** > I believe we are already in agreement that DNT will not apply to 1st party > sites. I understand the need to clarify that 3rd-party sharing will be > limited to certain exceptions, but I don’t want to revisit something we > have already agreed on.**** > ** ** > JC**** > Twitter <http://twitter.com/jccannon7>**** > ** ** > *From:* John Simpson [mailto:john@consumerwatchdog.org] > *Sent:* Monday, November 28, 2011 4:47 PM > *To:* <public-tracking@w3.org> (public-tracking@w3.org) > *Subject:* Issue-17, Issue-51 First party obligations**** > ** ** > Colleagues,**** > ** ** > I've been thinking a bit more about the idea of "1st Party" obligations if > we use the frame of a 1st Party and 3rd Party distinction. It seems clear > to me that there is consensus that the 1st Party must not share data (some > will say there are exceptions) with a 3rd party when DNT is enabled.**** > ** ** > It does seem to me there are further obligations. When I go to a 1st > party site and interact with it, I assume it is using my information for > that transaction. If I**** > have DNT enabled, I don't have ANY expectation that it will continue to > use that information beyond that transaction. The site should ask me if it > can continue to store the information and use it beyond that specific visit > to the site.**** > ** ** > In other words from my perspective as a user, a 1st Party site should > treat me as if I had cleared all my cookies the next time I visit the site > if I have DNT enabled.**** > ** ** > When DNT is enabled, a 1st party should treat each session with a user as > an entirely new session unless it has been given permission to store his > information and use it again.**** > ** ** > 73s,**** > John**** > ----------**** > John M. Simpson**** > Consumer Advocate**** > Consumer Watchdog**** > 1750 Ocean Park Blvd. ,Suite 200**** > Santa Monica, CA,90405**** > Tel: 310-392-7041**** > Cell: 310-292-1902**** > www.ConsumerWatchdog.org**** > john@consumerwatchdog.org**** > ** ** > > > -- Sean Harvey Business Product Manager Google, Inc. 212-381-5330 sharvey@google.com
Received on Tuesday, 29 November 2011 16:10:06 UTC