- From: イアンフェッティ <ifette@google.com>
- Date: Thu, 21 Jun 2012 12:01:48 -0700
- To: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
- Message-ID: <CAF4kx8fOi782pYP9Xzc5HPGSpR_iFwfVafku4K5yboj+krFxEQ@mail.gmail.com>
Here's the slide we (MeMe+Ian) presented from our group in Thursday's f2f. Rather than re-stating everything we said in the room, I will simply point to the part of the scribed notes discussing our presentation: http://www.w3.org/2012/06/21-dnt-irc#T18-39-20 (starting where JC scribes "Meme: We decided that a flowchart was an effective way to present our work")

Our scribing from the breakout small group session itself was a bit random (we tried to pull it together to the slide we presented), but for posterity it's included below.

*W3C

Start with a particular permitted use; third-party use of data attached to an identifier

What are the responsibilities for first, third and outsourced parties?

Approaches we just discussed:

[10:05am] suegl left the chat room. (Ping timeout)
[10:06am] efelten left the chat room. (Ping timeout)
[10:06am] aleecia: No data collection
[10:06am] aleecia: Aggregate at the time of collection (OPT-OUT)
[10:06am] aleecia: Unidentifiable information after collection
[10:06am] aleecia: Siloing of data to a specific party
[10:06am] aleecia: Retention limits
[10:06am] aleecia: Use limitations
[10:06am] aleecia: Security
[10:06am] aleecia: Billing / financial
[10:06am] aleecia: Frequency capping
[10:06am] aleecia: Debugging
[10:06am] egrant joined the chat room.
[10:06am] aleecia: Transparency
[10:06am] aleecia: Internal legal / business controls
[10:06am] Chapell left the chat room. (Ping timeout)
[10:06am] aleecia: Internal technical controls
[10:06am] justin_ left the chat room. (Ping timeout)
[10:06am] aleecia: Auditing
[10:06am] aleecia: Disallowing specific (hard-coded) technologies (e.g. LSOs)
[10:06am] aleecia: Active v. passive collection
[10:06am] vincent joined the chat room.
[10:07am] aleecia: Double-keyed cookies on the browser side
[10:07am] aleecia: Double-keyed cookies on the server side

What are the resp of first, third, and outsource parties?
looking for different approaches cxQ's to answer how well advance privacy
- what are the actual concerns of users and how do each of these tools address those concerns
- Profiling across the web
- Uses of data that will have adverse impact (employment, insurance, credit)
- Leaks of data (breach, subpoena, …)

How hard to implement
- small first parties
- large first parties
- large third parties

Likely to satisfy US reg, EU reg

Discussion:

What are the actual harms to users? Just related to use? Discrimination, insurance, offers, etc.

ND: trying to bridge with advocates, regulators, the public on collection/retention limits

Bryan: Is unlinkable data actually valuable to OBA/others? valuable for analytics may not matter what the individual is re-targeting or re-messaging based on some other action from the Web but we have agreement on not doing this kind of profiling already is product improvement still possible even with non-DNT users?

Nick: Is there anything we can do on collection/retention? I hear from regulators that anything we could do here would be huge.

Euan: I don’t think we can do that, varies so much in the world.

MeMe: Didn’t Shane’s proposal get this?

Euan, Ian: Transparency, but no hard limits.

Joanne Furtsch: Accountability

Vincent T:

Nick: User doesn’t really have a choice in terms of third parties, you don’t know what third parties will be on the site. without blocking tools, which is something we’re trying to avoid

MeMe: How can third parties help?

Vincent: DNT with restrictions on third parties could help

MeMe: Then third parties have to do something different with the data, what exactly

Nick: maybe we can convince that if data is retained for some purposes, and won’t be retained beyond X...

MeMe: Is this “DNT:1 for third parties means you’re collecting only the following (limited) information

Nick: Recognize data is retained and internally siloed and only used for purpose X?

Ian: isn’t that Shane’s proposal?
Joanne: Think we’re closer on the two viewpoints, really how to get away from being overly prescriptive on permitted uses. Defining what is reasonable that will satisfy both sides. Lot of agreement around permitted uses (generally) and that data does need to be retained, devil’s in the details.

Nick: for frequency capping, some companies might retain a history of where you saw an ad in order to stop showing you the same ad in Keep My Opt Outs, you’re warned that you may see the same ad more frequently, because some companies have accepted that they’ll remove an identifier that they would otherwise use for freq. capping

Ian: we might remove one identifier (for behavioral marketing) but keep another identifier that we use for other purposes but many companies apparently removed the identifier they used for freq. capping

Bryan: maintain identifiers within one ad network but not shared across ad networks in order to implement freq. capping across networks

Euan: ad networks and ad exchanges might in some cases share data in order to implement freq. capping of a campaign across these networks

Nick: and it might be possible to limit sharing this data

what are the 5 FTC goals? (we call over Ed)
all trackers (universal)
easy to use
persistent choice
all forms of tracking
not just do not target, but also do not collect with narrow exceptions

Ian: use W3C mechanism/expression/and response and attach DAA/self-reg principles

Ed: could get you many, but not Do Not Collect vs. Do Not Target

MeMe: but showing the ad requires the collection

Ed: there are some permitted uses, ought to be narrow/limited collection and retention shrink wrapped around those uses do you need to keep it as long just for financial logging?
Ian: if I’m required by a contract to keep data for ad impression logging silo it, goes a long way towards reaching those goals

Ed: fruitful discussion to have

Aleecia: could have text, non-normative non-normative examples to avoid people just saying they need to keep it forever

Ian: what is strictly necessary for those accounting purposes, those security purposes

Joanne: parameters around which you can retain that information how to do the siloing auditing, internal controls have something collaborative with business, something that works for business the people who would lose would be outside of this room, like users want business to succeed and do something around privacy

MeMe: flow-chart, show an ad that isn’t targeted (and then collection and retention only necessary for showing that ad)

Euan: offline data also a concern for advocates?

http://my.adobe.acrobat.com/meme*
Attachments
- application/pdf attachment: DNT_Grand_Compromise.pdf
Received on Thursday, 21 June 2012 19:02:20 UTC