Summary of First Party vs. Third Party Tests

(ACTION-25)

As I understand it, there are four camps on how to distinguish between first parties and third parties.

1) Domain names (e.g. public suffix + 1).

2) Legal business relationships (e.g. corporate ownership + affiliates).

3) Branding.

4) User expectations.

Here are some examples that show the boundaries of these definitions.

Example: The user visits Example Website at example.com.  Example Website embeds content from examplestatic.com, a domain controlled by Example Website and used to host static content.

Discussion: Content from the examplestatic.com domain is first-party under every test save the first.

Example: Example Website (example.com) strikes a deal with Example Affiliate (affiliate.com), an otherwise unrelated company, to share user data.  The user visits Example Website, and it embeds content from Example Affiliate.

Discussion: Content from Example Affiliate is third-party under every test save the second.

Example: Example Website embeds a widget from Example Social Aggregator.  The widget includes a prominent logo for Example Social Aggregator, though a user is unlikely to recognize it.

Discussion: Content from Example Social Aggregator is third-party under every test save the third.

Received on Saturday, 29 October 2011 05:11:54 UTC