W3C home > Mailing lists > Public > public-tracking@w3.org > July 2012

Re: Frequency Capping

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Fri, 13 Jul 2012 10:33:43 -0700
To: JC Cannon <jccannon@microsoft.com>
Cc: Tamir Israel <tisrael@cippic.ca>, Shane Wiley <wileys@yahoo-inc.com>, "Roy T. Fielding" <fielding@gbiv.com>, Peter Eckersley <peter.eckersley@gmail.com>, W3C DNT Working Group Mailing List <public-tracking@w3.org>
Message-ID: <EFB9E377DAD04D9CBA072BBF6D027B0C@gmail.com>
As I explained in Bellevue: We've heard from some participants that they can't live without certain business functionality (e.g. frequency capping), and we've heard from other participants that they can't live with certain privacy properties (e.g. ID cookies).  The only remaining solution space is privacy-preserving technologies.  I recognize that's an uncomfortable space—especially for the members of the group who don't have an engineering background.  But if we're going to get Do Not Track done, it's the space we have to explore.

Jonathan


On Friday, July 13, 2012 at 9:57 AM, JC Cannon wrote:

>  
> I don’t feel the purpose of this group is to find technical solutions to each DNT-related privacy issue. There are other groups that can do that. I would hope that we can hammer out the permitted uses list and move on to the next challenge. December will be here soon and I’m hoping for a nice Christmas present. Maybe a pony. J
>  
>  
>   
>  
>  
> JC
>  
>  
>   
>  
>  
> From: Tamir Israel [mailto:tisrael@cippic.ca]  
> Sent: Friday, July 13, 2012 9:33 AM
> To: JC Cannon
> Cc: Shane Wiley; Roy T. Fielding; Peter Eckersley; W3C DNT Working Group Mailing List
> Subject: Re: Frequency Capping
>  
>  
>  
>  
>   
>  
>  
> On 7/13/2012 12:20 PM, JC Cannon wrote:  
>  
>  
> It is not practical to expect many consumers to go through and manage a list of third-party sites. Even the small number of educated users won’t understand all the third parties on a site. Consumers have to feel that when they visit a third-party site that their privacy will be protected and if not, that they have some recourse to address any harm.
>  
>  
>  
> That too : )
>  
>  
>  
>  
>  
>   
>  
>  
> Moreover, I feel we should be addressing whether or not frequency capping is a permitted use and not spending time trying to design it in this working group.
>  
>  
>  
> JC -- I personally don't think it should be a permitted use, primarily because it allows for the possibility of 'tracking' in scenarios where a user has expressed their desire not to be tracked. Some others have expressed strongly their impression that some form of F-capping is necessary even in a DNT-1 state. The hope is that there is a technical solution to resolve this impasse.
>  
> Best,
> Tamir
>  
>  
>  
>  
>  
>   
>  
>  
> JC
>  
>  
>   
>  
>  
> From: Tamir Israel [mailto:tisrael@cippic.ca]  
> Sent: Friday, July 13, 2012 9:01 AM
> To: Shane Wiley
> Cc: Roy T. Fielding; Peter Eckersley; W3C DNT Working Group Mailing List
> Subject: Re: Frequency Capping
>  
>  
>  
>  
>   
>  
>  
> Shane,
>  
> Your brick and mortar example to me highlights very precisely the problem here. The fact that Walmart chooses to carry Raisin Bran in addition to Lucky Charms (no accounting for taste : P) does not initiate any type of interaction between me and Raisin Bran. Just between me and Walmart and, if I'm hungry as I walk past the cereal section, me and Lucky Charms.
>  
> My expression of 'do not track me' should be able to encompass this type of model.
>  
> So, I should be able to say: I don't want to be tracked by anyone, but I'll grant an exception to yahoo and adobe (because I trust them), but not to 'financial-credit-profile-builder' (because I don't trust them). Making a list of third parties easily discoverable won't quite get us there because it targets the first party, whereas the potential bad behaviour and incentives need to be applied to the third parties. Therefore: a.) there is no way for me to communicate to the first party that my problem isn't with 98% of the third parties they're using to monetize, but only with x and y; and b.) there will not be any competitive pressures on particular servers to behave well (maintain anonymous cookie ID, for example).
>  
> Best,
> Tamir
>  
> On 7/12/2012 4:19 PM, Shane Wiley wrote:  
>  
> Tamir,
>   
> You've interacted with those 3rd parties as a part of your interaction with the 1st party -- as that 1st party has partnered with those 3rd parties to provide its services to you (monetization, analytics, content, widgets, etc.).  If a 1st party is transparent about those 3rd parties it works with (and/or highly discoverable through already existing web browser tools), is it fair to say you still have a choice at that point to decide to continue to interact with that 1st party?  If you disagree with a 3rd party's ability to maintain an anonymous cookie ID in relationship to the services its providing to the 1st party, you do not need to interact with that 1st party.  The choice is yours.
>   
> If there were true "harms" involved, then you may look at this through a slight different lens, but that has yet to be established.
>   
> To use a brick-n-mortar example, you do not have a right to require Wal-Mart carry a specific brand of cereal you may really like (your desire vs. their business obligation).  If you're unhappy with Wal-Mart due to this choice, you can decide to not shop at Wal-Mart.
>   
> - Shane
>   
> -----Original Message-----
> From: Tamir Israel [mailto:tisrael@cippic.ca]  
> Sent: Thursday, July 12, 2012 12:56 PM
> To: Roy T. Fielding
> Cc: Peter Eckersley; W3C DNT Working Group Mailing List
> Subject: Re: Frequency Capping
>   
> On 7/12/2012 3:12 PM, Roy T. Fielding wrote:
> > Yes, and it has been rejected many times because the ID cookies are
> > used by other features that won't be turned off by DNT.
>  
>   
> Not so. I have never interacted and have no relationship with third  
> party server X. Why does it need to be able to identify me in any way?
>   
>  
>  
>  
Received on Friday, 13 July 2012 17:34:09 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:53 UTC