W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

RE: Proposed definition of 1st parties

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Wed, 26 Oct 2011 11:28:18 -0700
To: Matthias Schunter <mts@zurich.ibm.com>
CC: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D034FEF73@SP2-EX07VS02.ds.corp.yahoo.com>
I find the simpler "1st Party" vs. "3rd Party" distinction easier to work around versus adding a net new designation of "Affiliate" that may not be equal to either of those conditionally.  I would rather a stance of "An Affiliate will be considered a 1st party in the following situations: common branding, common privacy policy, common TOS control, [etc.] and is a considered a 3rd party in all other situations".

- Shane

-----Original Message-----
From: Matthias Schunter [mailto:mts@zurich.ibm.com] 
Sent: Wednesday, October 26, 2011 10:57 AM
To: Shane Wiley
Cc: public-tracking@w3.org
Subject: Re: Proposed definition of 1st parties

Hi Shane,


my purpose was to define the terms
 FIRST_PARTY
 AFFILIATE

In a separate discussion, we need to define what subset of the
'relaxed requirements' that we define for FIRST PARTIES should also
hold for the AFFILIATEs. Currently, I assumed that both fall under the
same relaxations. However, we may find cases where both groups should
be handled differently.


Regards,
matthias




On 10/26/2011 7:38 PM, Shane Wiley wrote:
> Matthias,
> 
> I agree with the proposal if FIRST PARTIES = AFFILIATES in this definition.  That appears to be "open" from the language below:
> 
> A FIRST PARTY MUST be able to reliably determine that
>  - The user has explicitly visited a web-site of this party
>  - That the user has consciously and willingly interacted with it
> 
> An AFFILIATE MUST be able to reliably determine
>  [criteria defined elsewhere: suggestions were
>    - co-branding
>    - co-ownership
>    - same origin...]
> 
> All other parties SHOULD be considered THIRD PARTY.
> 
> - Shane
> 
> Shane Wiley
> VP, Privacy & Data Governance
> Yahoo!
> 
> -----Original Message-----
> From: public-tracking-request@w3.org [mailto:public-tracking-request@w3.org] On Behalf Of Matthias Schunter
> Sent: Wednesday, October 26, 2011 10:25 AM
> To: public-tracking@w3.org
> Subject: Proposed definition of 1st parties
> 
> Hi Folks,
> 
> 
> enclosed is the proposal on a definition of 1st parties as indicated
> on the call.
> 
> An assumption is that FIRST PARTIES and AFFILIATES will later need to
> satisfy relaxed requirements compared to THIRD PARTIES.
> 
> The goals of the def are:
>  - Not to fix the mechanisms.
>  - To put the burden of proof/implementation/mechanism/design
>    on the parties that want to fall under the exemptions.
> 
> 
> Regards,
> matthias
> 
> 
> A FIRST PARTY MUST be able to reliably determine that
>  - The user has explicitly visited a web-site of this party
>  - That the user has consciously and willingly interacted with it
> 
> An AFFILIATE MUST be able to reliably determine
>  [criteria defined elsewhere: suggestions were
>    - co-branding
>    - co-ownership
>    - same origin...]
> 
> All other parties SHOULD be considered THIRD PARTY.
> 
> 

-- 
Dr. Matthias Schunter, MBA
IBM Research - Zurich, Switzerland
Ph. +41 (44) 724-8329,  schunter(at)acm.org
PGP 989A A3ED 21A1 9EF2 B005 8374 BE0E E10D
VCard: http://www.schunter.org/schunter.vcf
Received on Wednesday, 26 October 2011 18:28:49 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:41 UTC