Re: ACTION-297: Update minimization text

Hi David,

The purpose of saying "A third party MUST ..." is that requirements
should be readable in isolation.  In other words, I should be able
to extract just the definitions and the RFC2119 sentences and have
a complete list of requirements that are properly targeted to
who/what is being constrained.

Otherwise, I would agree with you.

....Roy


On Oct 24, 2012, at 7:06 AM, David Wainberg wrote:

> Hi Roy,
> 
> Quick question. Why specify third party at all? Third party status adheres based on and within the context of a specific request. Outside of that there is data collected in a third party context or data collected in a first party context. The minimization requirements apply based on the status at the time the data was collected, not on the nature of the party. Data retained for permitted uses is implicitly data collected in a third party context. That seems like adequate qualification, and by dropping "third" from other places in the text, we avoid some potential ambiguity.
> 
> Data retained by a party for permitted uses MUST be limited to the
>   data reasonably necessary for such permitted uses, and MUST be
>   retained no longer than is reasonably necessary for such permitted
>   uses. A party MUST make reasonable data minimization efforts
>   to ensure that only data necessary for each permitted use is
>   retained. A party MUST provide public transparency of their
>   data retention period for each permitted use. Once a retention
>   period for a given use has expired, the data MUST NOT be used for
>   that permitted use; when there are no remaining permitted uses for
>   some data, that data MUST either be deleted or rendered unlinkable.
> 
> On 10/8/12 3:39 AM, Roy T. Fielding wrote:
>> During the Amsterdam F2F, I took on an action to update the text on
>> minimization so that it refers to data collected per context rather
>> than the party nature of the collector, since minimization is applied
>> long after the interaction in which a given server might have been
>> a first or third party.
>> 
>> The WD text said
>> 
>>    6.1.2.2 Data Minimization and Transparency
>> 
>>    A third party MUST ONLY retain information for a Permitted Use for as long
>>    as is reasonably necessary for that use. Third parties MUST make
>>    reasonable data minimization efforts to ensure that only the data
>>    necessary for the permitted use is retained. A third party MUST provide
>>    public transparency of their data retention period. The third party MAY
>>    enumerate each individually if they vary across Permitted Uses. Once the
>>    period of time for which you have declared data retention for a given use,
>>    the data MUST NOT be used for that permitted use. After there are no
>>    remaining Permitted Uses for given data, the data must be deleted or
>>    rendered unlinkable.
>> 
>> but appears to have been updated since then to say
>> 
>>    6.1.1.2 Data Minimization and Transparency
>> 
>>    Data retained by a party for permitted uses MUST be limited to the
>>    data reasonably necessary for such permitted uses, and MUST be
>>    retained no longer than is reasonably necessary for such permitted
>>    uses. Third parties MUST make reasonable data minimization efforts
>>    to ensure that only the data necessary for the permitted use is
>>    retained. A third party MUST provide public transparency of their
>>    data retention period. The third party MAY enumerate each individually
>>    if they vary across Permitted Uses. Once the period of time for which
>>    you have declared data retention for a given use has expired, the
>>    data MUST NOT be used for that permitted use. After there are no
>>    remaining Permitted Uses for given data, the data must be deleted
>>    or rendered unlinkable.
>> 
>> However, now that I've had sufficient sleep and can see that this
>> section is inside third-party compliance, I believe that the change
>> to the first sentence is sufficient to cover my concern. Thanks!
>> 
>> But, while I am here, I suggest the paragraph be tweaked as follows
>> for consistency:
>> 
>>    Data retained by a party for permitted uses MUST be limited to the
>>    data reasonably necessary for such permitted uses, and MUST be
>>    retained no longer than is reasonably necessary for such permitted
>>    uses. A third party MUST make reasonable data minimization efforts
>>    to ensure that only data necessary for each permitted use is
>>    retained. A third party MUST provide public transparency of their
>>    data retention period for each permitted use. Once a retention
>>    period for a given use has expired, the data MUST NOT be used for
>>    that permitted use; when there are no remaining permitted uses for
>>    some data, that data MUST either be deleted or rendered unlinkable.
>> 
>> Cheers,
>> 
>> ....Roy

Received on Wednesday, 24 October 2012 16:18:39 UTC