Summary of First Party vs. Third Party Tests


As I understand it, there are four camps on how to distinguish between first parties and third parties.

1) Domain names (e.g. public suffix + 1).

2) Legal business relationships (e.g. corporate ownership + affiliates).

3) Branding.

4) User expectations.

Here are some examples that show the boundaries of these definitions.

Example: The user visits Example Website at  Example Website embeds content from, a domain controlled by Example Website and used to host static content.

Discussion: Content from the domain is first-party under every test save the first.

Example: Example Website ( strikes a deal with Example Affiliate (, an otherwise unrelated company, to share user data.  The user visits Example Website, and it embeds content from Example Affiliate.

Discussion: Content from Example Affiliate is third-party under every test save the second.

Example: Example Website embeds a widget from Example Social Aggregator.  The widget includes a prominent logo for Example Social Aggregator, though a user is unlikely to recognize it.

Discussion: Content from Example Social Aggregator is third-party under every test save the third.

Received on Saturday, 29 October 2011 05:11:54 UTC