- From: Rob van Eijk <rob@blaeu.com>
- Date: Thu, 11 Oct 2012 17:04:00 +0200
- To: <public-tracking@w3.org>
Hi Rachel, It would be interesting to run the same test, on a slightly changed widget that starts with a different default, i.e. users need to opt-in instead of opt-out. Do you have any nombers/results on such an approach as well? Regards, Rob Rachel Thomas schreef op 2012-10-11 16:28: > As promised, here are the links to the TRUSTe pilot I mentioned in my > note below: > > · Press Release: Consumers Find Behavioral Advertising Choices > Compelling with TRUSTe TRUSTed Ads Privacy Platform > > http://www.truste.com/about-TRUSTe/press-room/news_truste_PCH_TrustedAds_results > [20] > > · Full Results: Trusted Ads – OBA Notice and Choice > > http://www.truste.com/pdf/TRUSTe-OBA-Behavioral-Advertising-Opt-Out.pdf > [21] > > Very best, > > Rachel > > FROM: Jonathan Mayer [mailto:jmayer@stanford.edu] > SENT: Wednesday, October 10, 2012 4:43 PM > TO: Rachel Thomas > CC: Jeffrey Chester; public-tracking@w3.org > SUBJECT: Re: ACTION-267 - Propose first/third party definitions from > existing DAA documents > > Rachel, > > This information is helpful, thanks. Two quick followup questions. > > First, is the TRUSTe pilot report available somewhere? It would be > helpful to better understand the methodology and results. For > example, > it's difficult to estimate the proportion of users who clicked > through > the ad notice from the passage you provided. > > Second, about what proportion of web users are presently taking > advantage of the DAA program's choice mechanism? Again, it's hard to > get a sense from the numbers below. > > Thanks, > > Jonathan > > On Wednesday, October 10, 2012 at 12:55 PM, Rachel Thomas wrote: > >> Hi Jeff – It actually wasn’t me to whom you directed this >> question during the briefing that DMA recently hosted for you and >> other consumer groups (in conjunction with the NTIA multistakeholder >> process). You were in conversation with my colleague, Sarah Hudgins >> from IAB, who was presenting an update regarding the DAA program. >> We’re both brunettes, and you’re not the first to confuse us. J >> Regardless, I would like to correct the record regarding testing of >> the DAA program… >> >> THE DAA ICON PROGRAM IMPLEMENTATION WAS CONSUMER-TESTED PRIOR TO ITS >> LAUNCH – AND WITH VERY POSITIVE RESULTS. TRUSTe ran a pilot of the >> icon implementation (serving via a “widget” that launches from a >> clickable icon placed on adjacent to advertisements or in the >> header/footer of pages). The pilot ran for approximately six months >> in market, and was executed with Comcast.net [1] and PCHLotto.com >> [2]. TRUSTe reported positive findings in November 2011, including: >> >> 1. Consumers engaged more with Ad Notice [the icon implementation] >> outside the Privacy Policy. Over the 6 months 2.5 more people >> engaged with the ad notice than the privacy policy. >> >> 2. Consumer education, notice and choice were effective to build >> consumer trust with online behavioral advertising. During the pilot, >> over 80% of visitors did not make any changes to their preferences; >> only 1% chose to opt-out of OBA. Over 55% of feedback respondents >> found the Notice helpful. >> >> MUCH MORE COMPELLING, I WOULD ARGUE, IS THE FACT THAT – SINCE THE >> DAA PROGRAM’S LAUNCH IN 2010 – MORE THAN 16 MILLION CONSUMERS >> HAVE VISITED THE DAA SITES TO LEARN ABOUT THEIR ADVERTISING DATA >> CHOICES, AND, TO DATE, MORE THAN 1 MILLION CONSUMERS HAVE TAKEN >> ACTION TO EXERCISE THEIR CHOICE ABOUT HOW ADVERTISERS WILL USE THEIR >> DATA. >> >> Hard to argue that the design and usability of the DAA program is >> “inadequate” with 16 million consumers served to date. >> >> Very best, as always, >> >> Rachel >> >> FROM: Jeffrey Chester [mailto:jeff@democraticmedia.org [3]] >> SENT: Wednesday, October 10, 2012 11:52 AM >> TO: Thomas Roessler; Aleecia McDonald; Matthias Schunter >> CC: Rachel Thomas; Craig Spiezle; public-tracking@w3.org [4]; Kimon >> Zorbas >> SUBJECT: Re: ACTION-267 - Propose first/third party definitions from >> existing DAA documents >> >> I have to say I am dismayed that colleagues from the US online >> marketing community are trying to replace the W3C multistakeholder >> process with a system devised exclusively by the online ad industry. >> As I mentioned during last week's f2f, NGOs and other civil society >> groups across the Atlantic have criticized the DAA system as >> inadequate. Leading computer science and other researchers have also >> repeatedly shown how lacking and ineffective it is. Indeed, just two >> weeks ago in DC I asked Ms. Thomas if there had been any testing >> done for design and usability of the system--including by >> independent bodies. The answer was basically there was no such >> usability and independent review. As we all know, the user >> experience online is tested and "optimized" to move them through a >> digital data collection funnel-- in order to achieve the required >> "conversion." Until such independent testing of the DAA system to >> show that it can effectively inform and empower online users about >> their privacy choices-- in the face of a purposefully powerful and >> designed interactive experience--the W3C would be remiss adopting it >> in all or in part. >> >> In addition, yesterday's announcement by the DAA that it would, in >> essence, condone a boycott of DNT requests from users relying on the >> IE browser (or other browsers adopting privacy by design >> frameworks), suggests there is a political motivation that should be >> addressed by the group and W3C (inc. Mr. Berners-Lee). Instead of >> developing the best technical standard through expert and objective >> international standards work, we appear to now confront a political >> agenda designed to maintain the data collection and user targeting >> status quo. The W3C needs to do better than be silent about these >> recent developments. >> >> Jeffrey Chester >> >> Center for Digital Democracy >> >> 1621 Connecticut Ave, NW, Suite 550 >> >> Washington, DC 20009 >> >> www.democraticmedia.org [5] >> >> www.digitalads.org [6] >> >> 202-986-2220 >> >> On Oct 10, 2012, at 10:57 AM, Kimon Zorbas wrote: >> >> Dear all, >> >> to add some European flavour, here what we use in our OBA Framework, >> matching European law. We call First Parties "Web Site Operators". >> W3C can of course use this wording, we have the full rights to it. >> >> Third Party >> >> An entity is a Third Party to the extent that it engages in Online >> Behavioural Advertising on a web site or web sites other than a web >> site or web sites it or a an entity under Common Control owns or >> operates. >> >> Web Site Operator >> >> A Web Site Operator is the owner, controller or operator of the web >> site with which the web user interacts. >> >> Control >> >> Control of an entity means that another entity (1) holds a majority >> of the voting rights in it, or (2) is a member of it and has the >> right to appoint or remove a majority of its board of directors, or >> (3) is a member of it and controls alone, pursuant to an agreement >> with other members, a majority of the voting rights in it, or (4) >> has placed obligations upon or otherwise controls the policies or >> activities of it by way of a legally binding contract, or (5) >> otherwise has the power to exercise a controlling influence over the >> management, policies or activities of it, and “Controlled” shall >> be construed accordingly. >> >> Common Control >> >> Entities or web sites under Common Control include ones which >> Control, for example parent companies, are Controlled by, such as >> subsidiaries, or are under common Control, such as group companies. >> They also include entities that are under a written agreement to >> process data for the controlling entity or entities, and do such >> processing only for and on behalf of that entity or entities and not >> for their own purposes or on their own behalf. >> >> For other UA, we capture them through the following wording: >> >> To the extent that Companies collect and use data via specific >> technologies or practices that are intended to harvest data from all >> or substantially all URLs traversed by a particular computer or >> device across multiple web domains and use such data for OBA, they >> should first obtain Explicit Consent. >> >> Kind regards, >> >> Kimon >> >> FROM: Rachel Thomas <RThomas@the-dma.org [7]> >> DATE: Wednesday 10 October 2012 16:48 >> TO: Craig Spiezle <craigs@otalliance.org [8]>, >> "public-tracking@w3.org [9]" <public-tracking@w3.org [10]> >> SUBJECT: RE: ACTION-267 - Propose first/third party definitions from >> existing DAA documents >> RESENT-FROM: <public-tracking@w3.org [11]> >> RESENT-DATE: Wednesday 10 October 2012 16:43 >> >> Hi Craig, great question – let me try to clarify with some >> additional info from the DAA principles. Below is the definition of >> “affiliate” as well as some commentary on the definition from >> the DAA’s Self-Regulatory Principles for Online Behavioral >> Advertising. (Also, please note that while there is not an explicit >> definition of “affiliate” included in the DAA’s >> Self-Regulatory Principles for Multi-Site Data, the same definition >> applies in that context as well). >> >> AFFILIATE >> >> DEFINITION: An Affiliate is an entity that Controls, is Controlled >> by, or is under common Control with, another entity. >> >> COMMENTARY (RELATING TO DEFINITIONS OF BOTH “AFFILIATE” AND >> “CONTROL”): These terms set an objective test to separate >> related First Party entities from Third Parties and others. An >> Affiliate is defined as an entity that Controls, is Controlled by, >> or is under common Control with, another entity. The definition of >> Control sets out two alternative tests, which reflect a commonly >> understood definition of a single entity. The first alternative >> looks to whether one entity is under significant common ownership >> with the other entity. The second alternative looks to whether one >> entity has the power to exercise a controlling influence over the >> management or policies of the other. In addition, each entity must >> be subject to Online Behavioral Advertising policies that are not >> materially inconsistent with the other entity’s Online Behavioral >> Advertising policies. The combination of Control and governance by >> similar Online Behavioral Advertising policies renders the two >> entities Affiliates of each other. >> >> The tests for Control are unrelated to brand names. As a result, >> different brands, if they otherwise meet one of the tests for >> Control, would be treated as Affiliates rather than Third Parties. >> >> The starting point for whether two or more affiliated >> consumer-facing Web sites constitute a First Party under the >> Principles is whether the Web sites are the same company. The use of >> the term Affiliate is intended to allow affiliated companies that >> are in the same corporate family to share information within that >> family as if they are the same company, thereby benefitting from >> their collective assets. The treatment of Affiliates is not intended >> to create a means for companies that are in reality unrelated in >> corporate structure (and, therefore, that consumers would never >> expect would be sharing information,) to avoid providing the choice >> required under these Principles. In many cases companies can readily >> be transparent either in branding on the Web sites or through >> clarity in the privacy notices of their particular Affiliates. >> Assuming an entity otherwise meets the standard set forth in the >> definition of Control, such practices would clearly satisfy and >> permit inclusion in the definition of Affiliate. However, such >> branding on a Web site or inclusion in a privacy notice is not >> required under the Principles as in some instances the complexity of >> corporate affiliates driven by corporate legal principles pose >> practical operational challenges. >> >> And very best, >> >> Rachel >> >> FROM: Craig Spiezle [mailto:craigs@otalliance.org [12]] >> SENT: Tuesday, October 09, 2012 11:58 PM >> TO: Rachel Thomas; public-tracking@w3.org [13] >> SUBJECT: RE: ACTION-267 - Propose first/third party definitions from >> existing DAA documents >> >> This is helpful. >> >> Just so we are all on the same page can you clarify affiliate vs. >> non-affiliate. Is it correct to assume affiliate means a wholly >> owned entity? >> >> So a Third Party who collects data from an affiliate is not a third >> party. So this would or could mean a totally separate brand which >> the user has no knowledge of? >> >> Thanks >> >> FROM: Rachel Thomas [mailto:RThomas@the-dma.org] [14] >> SENT: Tuesday, October 09, 2012 1:16 PM >> TO: public-tracking@w3.org [15] >> SUBJECT: ACTION-267 - Propose first/third party definitions from >> existing DAA documents >> >> Folks – As promised, I am submitting the Digital Advertising >> Alliance (DAA) definitions of “first party” and “third >> party” for consideration / inclusion in section 3.5 [16] (“First >> and Third Parties”) of the W3C TPWG "Tracking Compliance and >> Scope” document. Below are both formal definitions and related >> commentary from the DAA Self-Regulatory Principles for Multi-Site >> Data [17]. >> >> FIRST PARTY >> >> DEFINITION: A First Party is the entity that is the owner of the Web >> site or has Control over the Web site with which the consumer >> interacts and its Affiliates. >> >> COMMENTARY: The actions of agents and other entities that similarly >> perform business operations of First Parties are treated as if they >> stand in the shoes of First Parties under these Principles and thus >> such actions are not included in Multi-Site Data. >> >> THIRD PARTY >> >> DEFINITION: An entity is a Third Party to the extent that it >> collects Multi-Site Data on a non-Affiliate’s Web site. >> >> COMMENTARY: As described in the OBA Principles, in certain >> situations where it is clear that the consumer is interacting with a >> portion of a Web site that is being operated by a different entity >> than the owner of the Web site, the different entity would not be a >> Third Party for purposes of the Principles, because the consumer >> would reasonably understand the nature of the direct interaction >> with that entity. The situation where this occurs most frequently >> today is where an entity through a “widget” or “video >> player” enables content on a Web site and it is clear that such >> content and that portion of the Web sites is provided by the other >> entity and not the First Party Web site. The other entity (e.g. the >> “widget” or “video player”) is directly interacting with the >> consumer and, from the consumer’s perspective, acting as a First >> Party. Thus, it is unnecessary to apply to these activities the >> Principles governing data collection and use by Third Parties with >> which the consumer is not directly interacting. >> >> Very best, >> >> Rachel >> >> RACHEL NYSWANDER THOMAS >> >> Vice President, Government Affairs >> >> Direct Marketing Association >> >> (202) 861-2443 office >> >> (202) 560-2335 cell >> >> rthomas@the-dma.org [18] >> >> JOIN US AT DMA2012 CONFERENCE AND EXHIBITION >> >> The Global Event for Real-Time Marketers >> >> October 13-18, 2012 | Las Vegas, NV >> >> REGISTER NOW & SAVE UP TO $200 |www.dma12.org [19] > > > > Links: > ------ > [1] http://Comcast.net > [2] http://PCHLotto.com > [3] mailto:jeff@democraticmedia.org > [4] mailto:public-tracking@w3.org > [5] http://www.democraticmedia.org > [6] http://www.digitalads.org > [7] mailto:RThomas@the-dma.org > [8] mailto:craigs@otalliance.org > [9] mailto:public-tracking@w3.org > [10] mailto:public-tracking@w3.org > [11] mailto:public-tracking@w3.org > [12] mailto:craigs@otalliance.org > [13] mailto:public-tracking@w3.org > [14] mailto:[mailto:RThomas@the-dma.org] > [15] mailto:public-tracking@w3.org > [16] > > http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#first-third-parties > [17] > > https://www.aboutads.info/resource/download/Multi-Site-Data-Principles.pdf > [18] mailto:rthomas@the-dma.org > [19] http://www.dma12.org/ > [20] > > http://www.truste.com/about-TRUSTe/press-room/news_truste_PCH_TrustedAds_results > [21] > http://www.truste.com/pdf/TRUSTe-OBA-Behavioral-Advertising-Opt-Out.pdf
Received on Thursday, 11 October 2012 15:04:30 UTC