Re: [ISSUE-5] What is the definition of tracking?

Color me frustrated.  The definition for tracking provided in the
Compliance document is not distinguishable from any request to a
third-party site while rendering a page, nor does it reflect what
a common user's expectation would be for that term, nor does it
reflect any of the regulatory descriptions of the term.

Here is the current definition:
=========
  3.7 Tracking

  Tracking is the collection or use of user data via either a
  unique identifier or a correlated set of data points being
  used to approximate a unique identifier, in a context other
  than "first party" as defined in this document. This includes:

   • a party collecting data across multiple websites,
     even if it is a first party in one or more (but not all)
     of the multiple contexts

   • a third party collecting data on a given website

   • a first party sharing user data collected from a DNT-on
     user with third parties "after the fact".

  Examples of tracking use cases include:

   • personalized advertising
   • cross-site analytics or market research that has not been de-identified
   • automatic preference sharing by social applications

=========

The WG needs a definition that only applies to the act of tracking,
since otherwise the entire Web (every image, CDN, stylesheet, etc.)
is a false positive.  The WG needs a definition that is specific and
consistent with user expectations, since otherwise "allow tracking"
fails as a mechanism for consent.

Here is my proposed replacement text:

=========

Tracking is defined as following or identifying a user, user agent,
or device across multiple visits to a site (time) or across multiple
sites (space).

Mechanisms for performing tracking include but are not limited to:
• assigning a unique identifier to the user, user agent, or device
  such that it will be conveyed back to the server on future visits;
• personalizing references or referral information such that they will
  convey the user, user agent, or device identity to other sites;
• correlating data provided in the request with identifying data
  collected from past requests or obtained from a third party; or,
• combining data provided in the request with de-identified data
  collected or obtained from past requests in order to re-identify
  that data or otherwise associate it with the user, user agent,
  or device.

A preference of "Do Not Track" means that the user does not want
tracking to be engaged for this request, including any mechanism
for performing tracking, any use of data retained from prior tracking,
and any retention or sharing of data from this request for the purpose
of future tracking, beyond what is necessary to enable:
 1) the limited exemptions defined in section XX;
 2) the first-party (and third-parties acting as the first-party)
    to provide the service intentionally requested by the user; and
 3) other services for which the user has provided prior,
    specific, and informed consent.

=========

I believe this new definition of tracking and the corresponding
definition of "Do Not Track" will allow us to move beyond the
arguments over broad exemptions and instead focus on transparency
and individual control.  It allows the user to clearly state that
they don't want tracking outside the first-party context and
don't want any of the data retention/sharing effects of tracking.

The tracking status resource can convey exactly what tracking is
performed by a site, if any, for a given resource and DNT value,
including what limited exemptions are applicable.  Users (through
user agent choice or configuration) can decide what services to use,
or avoid, based on that transparency and not just a single on/off bit.

It separates the act of tracking from the mechanisms for doing
tracking and the kinds of data retained from tracking.  The former
is far easier to define in general, and the latter two will change
over time as technologies change.

It allows a first-party service (including its outsourced
contractors) to perform the service intentionally requested
by the user, which may include personalization, analytics,
or social networking as appropriate for that service, since
otherwise a DNT-enabled user would be constantly interrupted
by consent dialogs just to do what they had already requested.
A first-party might change their service upon receipt of DNT,
such as by disabling social networking features, but that is
presumed to be governed by the nature of the first-party
service and the privacy options configured directly with
that first-party.

It also recognizes that the user can provide prior consent
for some services that will override the DNT signal, via
mechanisms outside the scope of this standard, such as
for paid audience survey tracking or content-by-subscription.
Such an override, if active for the user, would be reflected
in the tracking status response.

I would like to see this new text as at least an option in
the upcoming compliance WD.  Also, IMO, the definitions of
user, user agent, device, and tracking should be moved up to
the start of the first section, or the detailed explanation
of things like "first-party" moved into a later section, so
that the details don't overwhelm the purpose of this document.


Cheers,

Roy T. Fielding                     <http://roy.gbiv.com/>
Principal Scientist, Adobe Systems  <http://adobe.com/enterprise>

Received on Sunday, 4 March 2012 23:36:25 UTC