- From: Jonathan Robert Mayer <jmayer@stanford.edu>
- Date: Wed, 4 Jan 2012 15:42:17 -0800 (PST)
- To: David Singer <singer@apple.com>
- Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
- Message-Id: <B4460444-0E4A-4AB6-B7BF-B7F5D8BA8582@stanford.edu>
Thanks for taking notes. Tom and I will revise the text to incorporate what we heard on today's call. Much of the focus was on the edge cases of mashups and inadvertantly embedded content - which strongly suggests to me that we're very close to consensus. The two outstanding high-level concerns that I recall are: 1) Are the standards we provide workable in practice? I believe close calls will be very rare, and only companies gaming the margin would have to consider surveying users. Heather was less sure. Heather, could you suggest a few common use cases that lead to a difficult analysis under the draft's standards? 2) Shane suggested (and a few supported) moving to a user-is-able-to-discover-information standard for what's a party and what's a first or third party. Shane, could you briefly sketch what this standard might look like and give a few examples where it would work a different result from our user expectations standard? Jonathan On Jan 4, 2012, at 1:27 PM, David Singer <singer@apple.com> wrote: > Here are my comments/suggestions, after this morning's call. > > 1) section 2.1. Make clear that the user is a party, or specifically say that the definition defines parties that may be 1st or 3rd. > also raise an issue for a clear definition of what falls into the 2nd party?? (e.g. software or other agents acting on the user's behalf??) > > 2) section 2.1. Consider adding the condition that two separate legal entities cannot be considered a single party (in our context). > > 3) section 2.1. Add an issue that we may want to strengthen the definition to the point where it is testable. > > 4) section 4.1. Make the definitions of what is a 1st party a list of conditions, all of which apply. > > 5) section 4.1. Add to the list of conditions: > a) the user must be directly aware of the existence and identity of a separate entity, prior to their interaction. > b) the user's makes an independent choice to communicate/interact with the entity. > > Counter-examples to (a) are a weather or other widget with no obvious branding or other evidence to show it came from another organization or entity; the user is not aware of a separate identity behind it. > Counter-examples to (b) are where sites are mash-ups of unpredictable sources; the user, by visiting the mash-up, chose only the mashing site as the first party; until the user interacts further, the mashed sites are third parties (and rule (a) applies as well - the user must be aware that they are mashed in, and not sourced by the mashing site). > > > > > On Dec 22, 2011, at 15:25 , Jonathan Mayer wrote: > >> Tom and I have worked for several weeks on a comprehensive draft of the sections delineating first parties and third parties. We attempted to reflect the approaching-consensus discussion at Santa Clara and on the email list. Our draft includes both operative standards language and non-normative explanation and examples. The text is formatted with the W3C template to better resemble how it would appear in the final document; please note that this is not an Editor's Draft (as the template might suggest). >> >> Jonathan >> >> <parties-draft-jm-tl.html> >> > > David Singer > Multimedia and Software Standards, Apple Inc. >
Received on Wednesday, 4 January 2012 23:45:28 UTC