W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

RE: Proposed definition of 1st parties

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Fri, 28 Oct 2011 08:40:29 -0700
To: Jeffrey Chester <jeff@democraticmedia.org>, Matthias Schunter <mts@zurich.ibm.com>
CC: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C8023D034FF358@SP2-EX07VS02.ds.corp.yahoo.com>

For the most part I believe there is agreement on the stance you provide below.  Once a 1st party receives the DNT signal from a user they should no longer share historical or real-time information about that user's web activity with a 3rd party (with the exception where a 3rd party is working solely on the behalf of the 1st party and will not have an independent right to use this data elsewhere - for example, a 3rd party web analytics provider that silos each customer's site analytics).  

- Shane

Shane Wiley
VP, Privacy & Data Governance

-----Original Message-----
From: Jeffrey Chester [mailto:jeff@democraticmedia.org] 
Sent: Wednesday, October 26, 2011 10:48 AM
To: Matthias Schunter
Cc: public-tracking@w3.org
Subject: Re: Proposed definition of 1st parties

Apologies for entering the conversation late, and for being uninformed about the original definition.

Given that today most major first party sites have contracts with third parties--including data providers--so they can incorporate outside profiling data on their users for internal targeting (and also perhaps sell it on exchanges and through other brokers) shouldn't users be assured [via the definition] that no exchange of data is occurring between the first and third parties?

On Oct 26, 2011, at 1:25 PM, Matthias Schunter wrote:

> Hi Folks,
> enclosed is the proposal on a definition of 1st parties as indicated
> on the call.
> An assumption is that FIRST PARTIES and AFFILIATES will later need to
> satisfy relaxed requirements compared to THIRD PARTIES.
> The goals of the def are:
> - Not to fix the mechanisms.
> - To put the burden of proof/implementation/mechanism/design
>   on the parties that want to fall under the exemptions.
> Regards,
> matthias
> A FIRST PARTY MUST be able to reliably determine that
> - The user has explicitly visited a web-site of this party
> - That the user has consciously and willingly interacted with it
> An AFFILIATE MUST be able to reliably determine
> [criteria defined elsewhere: suggestions were
>   - co-branding
>   - co-ownership
>   - same origin...]
> All other parties SHOULD be considered THIRD PARTY.
> -- 
> Dr. Matthias Schunter, MBA
> IBM Research - Zurich, Switzerland
> Ph. +41 (44) 724-8329,  schunter(at)acm.org
> PGP 989A A3ED 21A1 9EF2 B005 8374 BE0E E10D
> VCard: http://www.schunter.org/schunter.vcf
Received on Friday, 28 October 2011 15:41:16 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:26 UTC