This brings in a wholesale set of outside data practices for targeting, I presume. With DNT:1 enabled, it should limit what outside data sources can be used by first parties.
Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org
www.digitalads.org
202-986-2220
On Feb 29, 2012, at 7:58 PM, Roy T. Fielding wrote:
> On Feb 29, 2012, at 4:10 PM, Tom Lowenthal wrote:
>
>> The aim is to prohibit anyone who isn't a first party from using the
>> first-party options in the URI/Tk header, which even outsourced service
>> providers shouldn't do. Perhaps we should add more detail to the
>> outsourcing exception to deal with this case?
>
> I've never understood why outsourced services should be considered
> a different party if they adhere to the "acting as a first-party"
> constraints. They are, by contract and by practice and by view
> of the user, the same party -- the only reason they differ at all
> is because of the ownership/control definition in first-party.
> If we just add outsourcing (or data processor) to the first-party
> definition, we are done.
>
> ....Roy
>
>