Re: Issue-17, Issue-51 First party obligations

to my mind the first party should not be using any third party data for
targeting in a DNT-on context, and I thought that was stated elsewhere in
the email chain, though I can go back and check.




On Tue, Nov 29, 2011 at 12:26 PM, David Wainberg <dwainberg@appnexus.com>wrote:

>  This raises an interesting issue with how this is going to work. If the
> user engaged DNT after the data was collected, we probably have consensus
> that prior collected data should not be used. However, if the user had DNT
> at the time the data was collected, but granted an exception to DNT, the
> data is ok to be used. The problem is, how does the 1st party know the
> difference? It will fall on the 3rd party to honor the user's choices, and
> the 1st party will have to trust them.
>
>
>
> On 11/29/11 9:50 AM, Jeffrey Chester wrote:
>
> If a DNT system is to work, it must address how first party sites
> incorporate third party data and also use ad exchanges.  If a user has said
> they do not want to be tracked via a third party data service, such as
> eXelate, BlueKai or Experian (for example) then such user data should not
> be automatically imported or used by the First party site.  Sites
> increasingly mix in-house data with third party targeting data.  A user
> should have reasonable control of this process under DNT.
>
>
>
>   Jeffrey Chester
>  Center for Digital Democracy
> 1621 Connecticut Ave, NW, Suite 550
> Washington, DC 20009
>  www.democraticmedia.org
>
>  On Nov 28, 2011, at 7:59 PM, JC Cannon wrote:
>
>   John,****
> ** **
> I believe we are already in agreement that DNT will not apply to 1st party
> sites. I understand the need to clarify that 3rd-party sharing will be
> limited to certain exceptions, but I don’t want to revisit something we
> have already agreed on.****
> ** **
>  JC****
> Twitter <http://twitter.com/jccannon7>****
>  ** **
>  *From:* John Simpson [mailto:john@consumerwatchdog.org<john@consumerwatchdog.org>
> ]
> *Sent:* Monday, November 28, 2011 4:47 PM
> *To:* <public-tracking@w3.org> (public-tracking@w3.org)
> *Subject:* Issue-17, Issue-51 First party obligations****
>  ** **
> Colleagues,****
>  ** **
>  I've been thinking a bit more about the idea of "1st Party" obligations
> if we use the frame of a 1st Party and 3rd Party distinction.  It seems
> clear to me that there is consensus that the 1st Party must not share data
> (some will say there are exceptions) with a 3rd party when DNT is enabled.
> ****
>  ** **
>  It does seem to me there are further obligations.  When I go to a 1st
> party  site and interact with it, I assume it is using my information for
> that transaction.  If I****
>  have DNT enabled, I don't have ANY expectation that it will continue to
> use that information beyond that transaction.  The site should ask me if it
> can continue to store the information and use it beyond that specific visit
> to the site.****
>  ** **
>  In other words from my perspective as a user, a 1st Party site should
> treat me as if I had cleared all my cookies the next time I visit the site
> if I have DNT enabled.****
>  ** **
>  When DNT is enabled, a 1st party should treat each session with a user
> as an entirely new session unless it has been given permission to store his
> information and use it again.****
>  ** **
>  73s,****
>  John****
>   ----------****
>  John M. Simpson****
>  Consumer Advocate****
>  Consumer Watchdog****
>  1750 Ocean Park Blvd. ,Suite 200****
>  Santa Monica, CA,90405****
>  Tel: 310-392-7041****
>  Cell: 310-292-1902****
>  www.ConsumerWatchdog.org****
>  john@consumerwatchdog.org****
>   ** **
>
>
>


-- 
Sean Harvey
Business Product Manager
Google, Inc.
212-381-5330
sharvey@google.com