Re: Draft Text on First Parties and Third Parties (ACTION-34, ISSUE-10, ISSUE-26, ISSUE-88)

Thanks for taking notes. Tom and I will revise the text to incorporate what we heard on today's call. Much of the focus was on the edge cases of mashups and inadvertantly embedded content - which strongly suggests to me that we're very close to consensus.

The two outstanding high-level concerns that I recall are:

1) Are the standards we provide workable in practice? I believe close calls will be very rare, and only companies gaming the margin would have to consider surveying users. Heather was less sure. Heather, could you suggest a few common use cases that lead to a difficult analysis under the draft's standards?

2) Shane suggested (and a few supported) moving to a user-is-able-to-discover-information standard for what's a party and what's a first or third party. Shane, could you briefly sketch what this standard might look like and give a few examples where it would work a different result from our user expectations standard?

Jonathan

On Jan 4, 2012, at 1:27 PM, David Singer <singer@apple.com> wrote:

> Here are my comments/suggestions, after this morning's call.
> 
> 1) section 2.1.  Make clear that the user is a party, or specifically say that the definition defines parties that may be 1st or 3rd.
>   also raise an issue for a clear definition of what falls into the 2nd party?? (e.g. software or other agents acting on the user's behalf??)
> 
> 2) section 2.1.  Consider adding the condition that two separate legal entities cannot be considered a single party (in our context).
> 
> 3) section 2.1.  Add an issue that we may want to strengthen the definition to the point where it is testable.
> 
> 4) section 4.1.  Make the definitions of what is a 1st party a list of conditions, all of which apply.
> 
> 5) section 4.1.  Add to the list of conditions:
>   a) the user must be directly aware of the existence and identity of a separate entity, prior to their interaction.
>   b) the user's makes an independent choice to communicate/interact with the entity.
> 
> Counter-examples to (a) are a weather or other widget with no obvious branding or other evidence to show it came from another organization or entity; the user is not aware of a separate identity behind it.
> Counter-examples to (b) are where sites are mash-ups of unpredictable sources; the user, by visiting the mash-up, chose only the mashing site as the first party; until the user interacts further, the mashed sites are third parties (and rule (a) applies as well - the user must be aware that they are mashed in, and not sourced by the mashing site).
> 
> 
> 
> 
> On Dec 22, 2011, at 15:25 , Jonathan Mayer wrote:
> 
>> Tom and I have worked for several weeks on a comprehensive draft of the sections delineating first parties and third parties.  We attempted to reflect the approaching-consensus discussion at Santa Clara and on the email list.  Our draft includes both operative standards language and non-normative explanation and examples.  The text is formatted with the W3C template to better resemble how it would appear in the final document; please note that this is not an Editor's Draft (as the template might suggest).
>> 
>> Jonathan
>> 
>> <parties-draft-jm-tl.html>
>> 
> 
> David Singer
> Multimedia and Software Standards, Apple Inc.
> 

Received on Wednesday, 4 January 2012 23:45:28 UTC