RE: Issue-39: Tracking of Geographic Data

Tom,

I'm fine with this text (especially the reverse IP address look-up example) but want to call-out a possible hole in the logic.  For a party to have access to precise geo-location data (Zip4 or GPS) the user would have already given permission to this type of data collection/use (either directly in a declared form for Zip4 or via a mobile OS permission for mobile scenarios).  This permission would trump DNT as an "out of band" permission.  I would ask that we add a statement to this reality but wanted to check my logic with you first prior to offering draft text.

Thoughts?

- Shane

-----Original Message-----
From: Tom Lowenthal [mailto:tom@mozilla.com] 
Sent: Friday, February 03, 2012 6:34 PM
To: Lauren Gelman
Cc: Justin Brookman; public-tracking@w3.org
Subject: Re: Issue-39: Tracking of Geographic Data

ACTION-65 ISSUE-39

Proposed text. Compare with text currently in
[S-4.1.2](http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#third-party-compliance)

~~~~
### Compliance by a third party {#third-party-compliance}

If the operator of a third-party domain receives a communication to which a [DNT-ON] header is attached:

1. that operator MUST NOT collect or use information related to that communication outside of the explicitly expressed exceptions as defined within this standard; 2. that operator MUST NOT use information about previous communications in which the operator was a third party, outside of the explicitly expressed exceptions as defined within this standard; 3. that operator [MUST NOT or SHOULD NOT] retain information about previous communications in which the operator was a third party, outside of the explicitly expressed exceptions as defined within this standard.

#### Non-Normative Discussion

It is acceptable to use data sent as part of this particular network interaction when composing a response to a [DNT-ON] request, but it is not acceptable to store that data any longer than needed to reply. For instance, it would be appropriate to use an IP address to guess which country a user is in, to avoid showing them an advertisement for products or services unavailable where they live.

When using request-specific information to compose a reply, some levels of detail may feel invasive to users, and may violate their expectations about Do Not Track. These sorts of detailed assessments should be avoided.

*Reasonable behavior*: A user visits you from an IP address which a general geo-IP database suggests is in the NYC area, where it is 6pm on a Friday. You choose to show an advertisement for theaters and restaurants in the area.

*Invasive behavior*: A user visits you from an IP address which suggests that they are in a particular ZIP+4, which has a distinctive demographic profile. Their user-agent indicates that they are a Mac user, further narrowing their expected profile. You serve them an ad for business within a few blocks of them which specializes in items which their expected profile indicates they may enjoy.

In this example, even though the decision about which ad to serve was based exclusively on request specific information, but was still tailored to a highly-specific user profile. In particular, the estimation of a user's location to within a single ZIP+4 may make a user feel that they are being followed closely, even if the decision was made on the fly, and the information was only held ephemerally.

~~~

Received on Monday, 6 February 2012 15:41:38 UTC