- From: Alan Chapell <achapell@chapellassociates.com>
- Date: Thu, 11 Oct 2012 16:17:35 -0400
- To: Jeffrey Chester <jeff@democraticmedia.org>
- CC: <public-tracking@w3.org>, Jonathan Mayer <jmayer@stanford.edu>
- Message-ID: <CC9CA017.23322%achapell@chapellassociates.com>
Actually, Jeff, my statement says a great deal about my view of the clarity of scope and overall progress of this particular working group. But that isn't exactly anything new. I suppose I can't stop you from attempting to misrepresent my views and reading much more into my statements you've already demonstrated that you're a rather creative guy. (: Since we're putting things on the record ‹ is it fair to say that you are unable to come up with a set of tangible, real world examples of harms that this group is tailored to address? I've asked a number of times. Please answer that question on the record with real examples. From: Jeffrey Chester <jeff@democraticmedia.org> Date: Thursday, October 11, 2012 4:08 PM To: Alan Chapell <achapell@chapellassociates.com> Cc: <public-tracking@w3.org>, Jonathan Mayer <jmayer@stanford.edu> Subject: Re: Third-Party Web Tracking: Policy and Technology Paper outlining harms of tracking > Thanks Alan for putting this on the record. You "struggle to find the harm > that this group is attempting to address." This clearly says a great deal > about your view of privacy and contemporary online marketing data collection > practices. Such a perspective, which appears to be shared by the DAA/US, > raises questions about how the group can accomplish its critical task in a > meaningful manner. But I still have hopes that we can develop a consensus > that moves us ahead. > > Jeff > > > > > Jeffrey Chester > Center for Digital Democracy > 1621 Connecticut Ave, NW, Suite 550 > Washington, DC 20009 > www.democraticmedia.org <http://www.democraticmedia.org> > www.digitalads.org <http://www.digitalads.org> > 202-986-2220 > > On Oct 11, 2012, at 3:33 PM, Alan Chapell wrote: > >> Hi Jeff - >> >> It is significantly more productive to tie it back to what harms are >> purportedly going to be addressed by the DNT standard. >> >> As I'm providing input into Permitted Uses, I've argued for some flexibility >> so as to avoid putting third parties in a position where they are conflicting >> either with DNT or another competing standard. This argument has received >> some pushback. Some in the group believe that DNT should just trump all >> competing or conflicting standards - which I believe is impractical. >> >> As a result, I've asked you, Jonathan and others for some real-life examples >> on the harms they are trying to minimize so that I can help tailor Permitted >> Uses to address those harms. Thus far, I've received information on a) harms >> that are out of the scope of DNT, b) high level examples that are incredibly >> vague to as to make it almost impossible to find practical approaches to >> address the purported harms in our work here. If this is all they can offer, >> well then it might be time to remove those objections to flexibility in >> Permitted Users so the group can move forward productively. >> >> So I'm not sure why you're asking me this question. I struggle to find the >> harm that this group is attempting to address. You and your colleagues are >> the ones telling the world the the proverbial sky is falling. And if the >> professionals who have made these issues their life's work are unable to >> provide specific, real world examples, please point me to those who areŠ >> >> >> >> From: Jeffrey Chester <jeff@democraticmedia.org> >> Date: Thursday, October 11, 2012 1:19 PM >> To: Alan Chapell <achapell@chapellassociates.com> >> Cc: <public-tracking@w3.org>, Jonathan Mayer <jmayer@stanford.edu> >> Subject: Re: Third-Party Web Tracking: Policy and Technology Paper outlining >> harms of tracking >> >>> Alan. Could you please clarify. Are you saying that you and/or your >>> clients believe that the loss of privacy from contemporary digital marketing >>> practices is not a "harm." This will help in the discussion. >>> >>> Regards, >>> >>> Jeff >>> >>> >>> >>> >>> Jeffrey Chester >>> Center for Digital Democracy >>> 1621 Connecticut Ave, NW, Suite 550 >>> Washington, DC 20009 >>> www.democraticmedia.org <http://www.democraticmedia.org/> >>> www.digitalads.org <http://www.digitalads.org/> >>> 202-986-2220 >>> >>> On Oct 10, 2012, at 4:55 PM, Alan Chapell wrote: >>> >>>> Hi Jonathan - >>>> >>>> In addition to my questions below, I'm curious whether your research has >>>> documented specific examples of these harms occurring in the real world? >>>> >>>> Thanks again, >>>> >>>> Alan >>>> >>>> From: Alan Chapell <achapell@chapellassociates.com> >>>> Date: Saturday, October 6, 2012 5:14 AM >>>> To: <public-tracking@w3.org>, Jonathan Mayer <jmayer@stanford.edu> >>>> Subject: Third-Party Web Tracking: Policy and Technology Paper outlining >>>> harms of tracking >>>> >>>>> Hi Jonathan - >>>>> >>>>> A few days ago, you invited me (via IRC) to review your recent paper which >>>>> among other items outlines some of the potential harms of tracking. >>>>> (See https://www.stanford.edu/~jmayer/papers/trackingsurvey12.pdf) >>>>> >>>>> Thanks As you may have noticed, I've been asking a number of folks in >>>>> the WG for examples of harms and haven't received very much information in >>>>> response. So I want to applaud your effort to help provide additional >>>>> information and to facilitate a dialog. That said, I want to make sure I >>>>> understand your thinking here or at least help clarify some of the >>>>> distinctions you may be drawing. >>>>> >>>>> I'm curious whether your position is that those harms are equally apparent >>>>> in a first party setting where a first party utilizes their own data for >>>>> ad targeting across the internet? For example, in your scenario where "an >>>>> actor that causes harm to a consumer." Is that not also possible in a >>>>> first party context? Does the first party not have both "the means", "the >>>>> access" and at least potentially, the ability to take the "action" that >>>>> causes the harms you lay out? (e.g., "Publication, a less favorable offer, >>>>> denial of a benefit, or termination of employment. Last, a particular harm >>>>> that is inflicted. The harm might be physical, psychological, or >>>>> economic.") >>>>> Do you believe that a direct relationship between consumers and first >>>>> party websites completely mitigates that risk of harm even where the >>>>> first parties have significant stores of personally identifiable data? >>>>> >>>>> Has your position evolved over the past few months? Correct me if I'm >>>>> mistaken, but I believe that one of the proposals offered by Mozilla / >>>>> Stanford and EFF sought to address forms of first party tracking. Do I >>>>> have that correct? >>>>> >>>>> Thanks I look forward to hearing your thoughts. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Excerpt from your paper for the convenience of others. >>>>> >>>>> >>>>> "When considering harmful web tracking scenarios, we find it helpful to >>>>> focus on four variables. First, an actor that causes harm to a consumer. >>>>> The actor might, for example, be an authorized employee, malicious >>>>> employee, competitor, acquirer, hacker, or government agency. Second, a >>>>> means of access that enables the actor to use tracking data. The data >>>>> might be voluntarily transferred, sold, stolen, misplaced, or accidentally >>>>> distributed. Third, an action that harms the consumer. The action could >>>>> be, for example, publication, a less favorable offer, denial of a benefit, >>>>> or termination of employment. Last, a particular harm that is inflicted. >>>>> The harm might be physical, psychological, or economic. >>>>> The countless combinations of these variables result in countless possible >>>>> bad outcomes for consumers. To ex- emplify ourthinking, here is one >>>>> commonly considered scenario: A hacker (actor) breaksinto a tracking >>>>> company (means of access) and publishes its tracking information (action), >>>>> causing some embarrassing fact about the consumer to become known and >>>>> inflicting emotional distress (harm).9 >>>>> Risks associated with third-party tracking are heightened by the lack of >>>>> market pressure to exercise good security and privacy practices. If a >>>>> first-party website is untrustworthy, users may decline to visit it. But, >>>>> since users are unaware of the very existence of many third-party >>>>> websites, they cannot reward responsible sites and penalize irresponsible >>>>> sites.10" >>>>> >>>>> >>> >
Received on Thursday, 11 October 2012 20:18:21 UTC