Re: Third parties should not pretend to be first parties

This brings in a wholesale set of outside data practices for targeting, I presume.  With DNT:1 enabled, it should limit what outside data sources can be used by first parties.  


Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org
www.digitalads.org
202-986-2220

On Feb 29, 2012, at 7:58 PM, Roy T. Fielding wrote:

> On Feb 29, 2012, at 4:10 PM, Tom Lowenthal wrote:
> 
>> The aim is to prohibit anyone who isn't a first party from using the
>> first-party options in the URI/Tk header, which even outsourced service
>> providers shouldn't do. Perhaps we should add more detail to the
>> outsourcing exception to deal with this case?
> 
> I've never understood why outsourced services should be considered
> a different party if they adhere to the "acting as a first-party"
> constraints.  They are, by contract and by practice and by view
> of the user, the same party -- the only reason they differ at all
> is because of the ownership/control definition in first-party.
> If we just add outsourcing (or data processor) to the first-party
> definition, we are done.
> 
> ....Roy
> 
> 

Received on Thursday, 1 March 2012 01:05:18 UTC