W3C home > Mailing lists > Public > public-tracking@w3.org > January 2012

Re: diff of TPE editing since the FPWD

From: Sean Harvey <sharvey@google.com>
Date: Wed, 11 Jan 2012 17:41:46 -0500
Message-ID: <CAFy-vuejXfjLoiKNZ=Hju6bCYNu=k_ZL0enpuakO7C14R2eGaw@mail.gmail.com>
To: Jonathan Mayer <jmayer@stanford.edu>
Cc: Rigo Wenning <rigo@w3.org>, Kevin Smith <kevsmith@adobe.com>, Jeffrey Chester <jeff@democraticmedia.org>, "public-tracking@w3.org" <public-tracking@w3.org>, "Roy T. Fielding" <fielding@gbiv.com>
As I step back and think about it for a moment I feel that the potential
ambiguities around the definition of "cross site tracking" might be less
intractable than those around "first and third party" which is where we've
gotten into a tangle over the past weeks.

Among the many complexities that we've encountered in this respect are that
third party domains are often merely software tool used by first parties,
and that first parties have to be restricted from sharing their data with
third parties. All of this is addressed & defined more cleanly in a "cross
site tracking" paradigm. A good "cross site" definition could simplify
things greatly, close potential loopholes for first parties and build
greater consensus.

Correct me if i'm wrong, but I believe the consensus of the group early on
was to focus on cross-site tracking; part of the problem in definitions
seems to be that we aren't being clear about that.





On Wed, Jan 11, 2012 at 4:37 PM, Jonathan Mayer <jmayer@stanford.edu> wrote:

> I think there's a language ambiguity here.  Some consider "cross-site
> tracking" to be about correlating user actions on unrelated websites.
>  Others consider "cross-site tracking" to be about information practices by
> third-party websites.  In light of the ambiguity, I'd support dropping the
> term from the Preference Expression document and replacing it with
> something more neutral.
>
> Moreover, at a higher level, I don't think compliance policy questions
> belong in that document.  Preference Expression should be a technical
> vehicle for whatever Compliance and Scope specifies - no more and no less.
>  I would support clarifying that principle in the documents and trimming
> the lengthy policy-based introduction from the Preference Expression
> document.
>
> I am very sensitive to Roy's and Kevin's concern that the group not move
> away from its consensus that this standard will impose (almost) no limits
> on first-party conduct.  I believe the current proposals for Compliance and
> Scope accurately reflect that consensus.  To the extent they don't,  debate
> should be held in the context of that document, not surrounding an
> ambiguous turn of phrase elsewhere.
>
> Jonathan
>
> On Jan 11, 2012, at 11:46 AM, Rigo Wenning wrote:
>
> > Kevin,
> >
> > can you explain cross-site tracking by first parties to me? I just point
> out
> > the logic break here. Either we talk about first vs third parties or we
> solely
> > scope the entire exercise and scope to "cross-site tracking".
> >
> > Rigo
> >
> > On Wednesday 11 January 2012 11:13:08 Kevin Smith wrote:
> >> Actually, at least in the early meetings, I believe we had near
> consensus
> >> that the objective of this working group would be focused around
> cross-site
> >> tracking (despite a somewhat confusing name of DNT).  Most of the
> current
> >> issues and discussions are reflective of this direction - such as
> defining
> >> affiliates, 1st vs 3rd parties, and exceptions to when cross-site
> tracking
> >> are permissible such as rate frequency capping.
> >>
> >> If that is still true, I think it's imperative to have it spelled out
> as Roy
> >> has done in the doc to avoid as much confusion as possible.
> >
>
>
>


-- 
Sean Harvey
Business Product Manager
Google, Inc.
212-381-5330
sharvey@google.com
Received on Wednesday, 11 January 2012 22:50:04 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:30 UTC