Re: Proposed Text for Local Law and Public Purpose

Ed,

I think your assumption may have 2 flaws:

  1.  Opt_Out IS NOT equivalent to DNT, even at a per event level
  2.  A system that can correct for a historic e.g. 1% OPT_OUT may not have statistical corrections which can accommodate e.g. 40% such limitations

Let's just think through what any accreditation service, be they MRC, ABC or anyone else, is trying to do.

They are attempting to reliably indicate that some counting of ads was actually consumed or displayed to or made available to (insert term here) to "quality" recipients.  Now, to your linkability question – yes "quality" probably is an indication that they are a "real" person.  So MRC or any audit company doesn't need an identified list of individuals who saw the million ads, but in many ways what they are saying is that these e.g. million impressions have enough linkability to them that I can assure you that they aren't "low quality" i.e. not a person.  Without direct knowledge of MRC's secret sauce, I am sure that IP address plays a role in this as a primary source and that IP is very likely still used even where the cookie reads Opt_Out.  I would note that even Opt_Outs might play a role in determining quality.  If a million impressions came from the same IP address all with the same Opt_Out cookie value in a short period of time you can assume machine activity.  If only 1% of the million impressions in the same short period have an Opt_Out and the other 99% have a random cookie distribution the odds of it being a valid proxy server increase (yes obviously UA and other header info come in, but you see my point).

Again, I am not being coy about what the MRC needs.  I just don't know.  I also don't know what the XYZ Click Fraud team needs, but I would suggest that both play a huge role in keeping the ecosystem going, and absent specific knowledge of what they need, I think there is much we can infer from what they are set out to do.  To Chris's point, if we need this specific knowledge, we should ask them.  Taking away the folks who certify scales is not good for the commodities market!

-Brooks


--

Brooks Dobbs, CIPP | Chief Privacy Officer | KBM Group | Part of the Wunderman Network
(Tel) 678 580 2683 | (Mob) 678 492 1662 | kbmg.com
brooks.dobbs@kbmg.com

[cid:E8456E7B-9FE2-467C-85EE-F81C1175BD61]

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Ed Felten <ed@felten.com<mailto:ed@felten.com>>
Date: Thursday, October 25, 2012 8:37 AM
To: "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Re: Proposed Text for Local Law and Public Purpose
Resent-From: <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Thursday, October 25, 2012 8:38 AM

Since nobody in this group seemed to have an answer to my question about whether the MRC documents require collection of linkable data, I did some investigation myself.   I came to the conclusion that the MRC document does not require ad networks to collect linkable information about opted-out users

My conclusion is based on the assumption that the current opt-out practices of large ad networks are consistent with any MRC obligations they might have.  There are multiple ad networks that cease information collection (except possibly for basic HTTP log info) when users exercise an opt-out.   If this behavior is consistent with any MRC requirements, then it must be the case that MRC does not require these companies to collect more data.

I also note that these companies generally show ads to opted-out users.  So (again assuming that the companies are not currently violating MRC requirements) the showing of ads must not trigger any MRC requirement to collect data.

On Tue, Oct 23, 2012 at 5:59 PM, Ed Felten <ed@felten.com<mailto:ed@felten.com>> wrote:
Jonathan's argument, as I understand it, was that the MRC documents do not require companies to collect linkable data about every consumer.   Do you disagree with that?   Do you have a citation in the documents to the contrary?


On Tue, Oct 23, 2012 at 5:49 PM, Chris Mejia <chris.mejia@iab.net<mailto:chris.mejia@iab.net>> wrote:
Jonathan,

I sit on the MRC's Digital Audit Review Committee.  As such, I have attended countless MRC audits, and am asked to apply the MRC guidelines to the audited companies— I do this, every week.  Unless you are accusing me of lying or not being qualified (please be transparent and direct if you are), then I am attesting to the fact that data retention, of any data that relates to the bought/billed unit (impression, click, action, etc.) is required per the guidelines.  The issue is by no means closed, nor are you qualified to close it.

If you want to provide evidence to the contrary, please contact the MRC yourself and do your homework.  You are a Stanford grad student, representing Stanford University in this forum— I can only assume that conducting thorough primary research is still something valued at your institution.  So if you believe you are right (and I am wrong), then do the real primary research (call the MRC, interview them, etc.) and provide concrete evidence to discredit my testimony as an expert in this domain.  But simply reading a document online and pulling parts of it out of context to suit your ill-placed argument, is not only detrimental to this working group's mission, it reflects poorly on the institution you are representing.

Finally, I'd like to know who your academic  advisor is, or the official at Stanford who supervises your contribution to the W3C?  Since your membership to this forum seems to be associated with your student affiliation at Stanford University, I'd be interested in understanding whether your views and actions here are those of the University, or just yourself as a private citizen?


Chris Mejia | Digital Supply Chain Solutions | Ad Technology Group | Interactive Advertising Bureau - IAB

From: Jonathan Mayer <jmayer@stanford.edu<mailto:jmayer@stanford.edu>>
Date: Tuesday, October 23, 2012 2:14 PM
To: "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com<mailto:Brooks.Dobbs@kbmg.com>>
Cc: Kimon Zorbas - IAB Europe <vp@iabeurope.eu<mailto:vp@iabeurope.eu>>, Jeffrey Chester <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>, "Amy Colando (LCA)" <acolando@microsoft.com<mailto:acolando@microsoft.com>>, Richard Weaver - ComScore <rweaver@comscore.com<mailto:rweaver@comscore.com>>, "John Simpson ," <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, W3C DNT Working Group Mailing List <public-tracking@w3.org<mailto:public-tracking@w3.org>>

Subject: Re: Proposed Text for Local Law and Public Purpose
Resent-From: W3C DNT Working Group Mailing List <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Tuesday, October 23, 2012 2:15 PM

Here's my concrete proposal: The MRC issue should be CLOSED.  As always, if a working group member produces new information, we should take it into account.

Background: The MRC issue was RAISED many months ago.  We still haven't been presented with an iota of evidence that the MRC guidelines require collection of user data.  A plain reading of the MRC Minimum Standards cuts against that view.  So does a plain reading of the draft MRC guidelines on digital video.

The issue appears to rest on a fundamental misunderstanding of the MRC guidelines.  The MRC, in general, specifies *how* a user's behavior is measured.  It does not address *whether* the behavior is measured in the first place.

I agree with Brooks—much of the MRC's language is antiquated or domain-specific.  But, for our purposes, the import seems reasonably clear.  And to the extent our plain reading is inaccurate, again, working group members are welcome to present that new information.

Jonathan


On Tuesday, October 23, 2012 at 9:14 AM, Dobbs, Brooks wrote:

Jonathan,

I have no objection to, and indeed it does make sense to, learn(ing) what MRC actually requires.  In the meantime, while we agree that the full extent of what is required is not yet yet fully understood, it is helpful to avoid misleading folks that a standard which speaks to diaries, busy signals and facsimiles and was started in the 60s has specifically anticipated DNT signals at the rate likely to be seen by default settings; it hasn't.

-Brooks

--

Brooks Dobbs, CIPP | Chief Privacy Officer |KBM Group| Part of the Wunderman Network
(Tel) 678 580 2683<tel:678%20580%202683> | (Mob) 678 492 1662<tel:678%20492%201662> | kbmg.com<http://kbmg.com>
brooks.dobbs@kbmg.com<http://brooks.dobbs@kbmg.com>

[cid:3FE3F56F-47AE-4C14-80C0-93F86B31630A]

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Jonathan Mayer <jmayer@stanford.edu<mailto:jmayer@stanford.edu>>
Date: Tuesday, October 23, 2012 11:49 AM
To: Brooks Dobbs <brooks.dobbs@kbmg.com<mailto:brooks.dobbs@kbmg.com>>
Cc: Kimon Zorbas <vp@iabeurope.eu<mailto:vp@iabeurope.eu>>, Jeffrey Chester <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>, "Amy Colando (LCA)" <acolando@microsoft.com<mailto:acolando@microsoft.com>>, "Richard Weaver (Comscore)" <rweaver@comscore.com<mailto:rweaver@comscore.com>>, "John Simpson ," <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Re: Proposed Text for Local Law and Public Purpose

Brooks,

Some members of the working group have claimed they require a Do Not Track exemption to accommodate the MRC Minimum Standards for content measurement.  The nation is that the MRC Minimum Standards *require* some data collection about users.  Before even considering such an exemption, it seems prudent to validate the premise—we should look into whether the MRC Minimum Standards actually require any data collection.

I agree that the MRC's document reads antiquated in many places.  That should come as little surprise—it traces back to 1964.  (Latest version: December 2011.)  The document explicitly does not, however, limit itself to old technology.  In the provision we're discussing, it talks about "diaries" and "tape records" (hah!), but it also includes "other primary sources of audience data."  (It seemed to me uncontroversial to elide "diaries" and "tape records" to save the group a few moments of reading.)  Since the working group members who invoke MRC consistently cite an eleven-month source data retention requirement, and this is the only eleven-month source data retention requirement in the document, it seems reasonable to conclude this is the relevant provision.

So no, no straw man here.  I'm attempting to honestly unpack the claim that the MRC Minimum Standards require data collection about users.  It seems to me that, in a plain reading, they do not.  Until a working group member produces evidence otherwise, we should be safe in dropping the proposed "relevant self-regulatory verification requirements" exemption.

Jonathan



On Tuesday, October 23, 2012 at 6:58 AM, Dobbs, Brooks wrote:

Jonathan,

Did you really just accuse someone of creating a straw man and then raise this as an example?

Let's go back and add the actual words left out by your ellipsis:

  1.  Each rating service shall maintain, for at least eleven months from the end of the period covered by the report, all diaries and interviews (or a complete facsimile thereof), tape records and/or other primary sources of audience data. These shall include material actually used in the preparation of published rating reports as well as material collected but not used. In addition, each service shall maintain records of:

B) All unsuccessful attempts to obtain information, including- but not limited to - refusals, not at home, cases requiring further discussion and/or correspondence (e.g., with another member of the household), busy signals (phone), and returns from postal authorities.

It is pretty clear from reading this in full context that this has nothing to do with web measurement (diaries, interviews, tape records were conveniently redacted).  Even the language about unsuccessful attempts is unrelated.  DNT ad calls are real ad calls that result in ad responses – there is nothing "unsuccessful" about them.

So none of that is meant to defend or degrade the MRC.  I have no idea if they are secretly plotting to disenfranchise the hispanic community.  Maybe they are and that should be dealt with outside this group.  I do know they provide measurement validation services that allow the entire ad economy to work (not just Behavioral).  Per my previous post – and to mix metaphors – if no one trusts the scales no one is paying for advertising.  It has been said before, but is obviously worth repeating, upsetting core measurement of a multi-tens of billion dollar ecosystem doesn't seem consistent with the charter and is not an acceptable outcome.

-Brooks


--

Brooks Dobbs, CIPP | Chief Privacy Officer |KBM Group| Part of the Wunderman Network
(Tel) 678 580 2683<tel:678%20580%202683> | (Mob) 678 492 1662<tel:678%20492%201662> | kbmg.com<http://kbmg.com>
brooks.dobbs@kbmg.com<http://brooks.dobbs@kbmg.com>

[cid:D3014C17-A4EC-4276-BF26-9B425800CDF0]

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Jonathan Mayer <jmayer@stanford.edu<mailto:jmayer@stanford.edu>>
Date: Tuesday, October 23, 2012 1:41 AM
To: Kimon Zorbas <vp@iabeurope.eu<mailto:vp@iabeurope.eu>>
Cc: Jeffrey Chester <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>, "Amy Colando (LCA)" <acolando@microsoft.com<mailto:acolando@microsoft.com>>, Brooks Dobbs <brooks.dobbs@kbmg.com<mailto:brooks.dobbs@kbmg.com>>, "Richard Weaver (Comscore)" <rweaver@comscore.com<mailto:rweaver@comscore.com>>, "John Simpson ," <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Re: Proposed Text for Local Law and Public Purpose

This is our second trip through the purported MRC justification.  In our last visit, I pointed out that the MRC guidelines anticipate that not all users will have data collected.

On Thursday, September 27, 2012 at 6:18 PM, Jonathan Mayer wrote:

The MRC document explicitly accommodates consumers opting out of data collection.  Page 8:
Each rating service shall maintain, for at least eleven months from the end of the period covered by the report, all . . . primary sources of audience data. These shall include material actually used in the preparation of published rating reports as well as material collected but not used. In addition, each service shall maintain records of:
. . .
b. All unsuccessful attempts to obtain information, including- but not limited to - refusals . . . .
Until a working group member can furnish an MRC or MRC-like *requirement* that users have their browsing histories collected, this entire conversation seems moot.

Jonathan


On Monday, October 22, 2012 at 11:33 AM, Kimon Zorbas wrote:
In Europe, we have Jics, industry committees, that run measurement in (as far as I know) each country.
There is no agreed standard across Europe.
Sometimes they use their own technology (less often) sometimes partner with companies such as Nielsen, comscore, Gemius, spring, etc. I am by no means as expert on Jics. Unlike the MRC, Jics do not certify but mandate / run the measurement, which de facto becomes THE standard in those countries.

Colleagues from comscore / Nielsen might be better placed to respond.

Kimon

----- Reply message -----
From: "Jeffrey Chester" <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>
To: "Kimon Zorbas" <vp@iabeurope.eu<mailto:vp@iabeurope.eu>>
Cc: "Amy Colando (LCA)" <acolando@microsoft.com<mailto:acolando@microsoft.com>>, "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com<mailto:Brooks.Dobbs@kbmg.com>>, "Richard Weaver (Comscore)" <rweaver@comscore.com<mailto:rweaver@comscore.com>>, "John Simpson ," <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Proposed Text for Local Law and Public Purpose
Date: Mon, Oct 22, 2012 8:22 pm



Kimon:    Our measurement companies in US are not congressional chartered.  Can you send the names of the organizations you have in mind?


Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org<http://www.democraticmedia.org>
www.digitalads.org<http://www.digitalads.org>
202-986-2220<tel:202-986-2220>

On Oct 22, 2012, at 2:08 PM, Kimon Zorbas wrote:

I also would like to point out that measurement in Europe works somehow different with respect to organisational setup. We would like those entities,not setup by the equivalent of European or national Congress, to be reflected in the text. Would anyone have an issue?

Kind regards,
Kimon


----- Reply message -----
From: "Amy Colando (LCA)" <acolando@microsoft.com<mailto:acolando@microsoft.com>>
To: "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com<mailto:Brooks.Dobbs@kbmg.com>>, "Jeffrey Chester" <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>, "Richard Weaver (Comscore)" <rweaver@comscore.com<mailto:rweaver@comscore.com>>
Cc: "John Simpson ," <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Proposed Text for Local Law and Public Purpose
Date: Mon, Oct 22, 2012 6:30 pm



You beat me to it Brooks. I'll just add my own analogy that MRC accreditation is a way of ensuring accurate and consistent counting methodologies of clicks and impressions, which form the basis for calculating the amount that advertisers are billed and sites are paid. The analogy that springs to mind is the state agencies that certify that gas stations are measuring gallons of gas accurately and billing consumers accordingly.

The reason that you see so many companies on the MRC accreditation page is that this certification as to accuracy of measurement is vitally important for providing online advertising services, whether targeted or untargeted. I believe your reference to Hispanic measurement refers perhaps to demographics in relation to TV geo advertising markets; if so, I don't understand the relevance to our discussion.

Sent from my Windows Phone
________________________________
From: Dobbs, Brooks
Sent: 10/22/2012 9:12 AM
To: Jeffrey Chester; Weaver, Richard
Cc: John Simpson ,; Amy Colando (LCA); public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: Re: Proposed Text for Local Law and Public Purpose

Jeff,

I think you are missing the MRC's role in the ecosystem here.  We may even need to do a 101 on the ad serving economy as compared to a more tangible industry -  say pork bellies in the commodities market.  If this is obvious, please forgive the review, but I think an analogy is helpful here.

If I spend $150k on 200k lbs of frozen pork bellies at 75 cents a pound a huge tractor trailer(s) show up and I see frozen pork bellies.  I can further weigh them on an NTEP certified scale, and if it turns out that only 180k lbs are there I can negotiate a $15k discount.  We can agree on this because even though the bellies were weighed at my facility, they scales where certified by an organization both buyer and seller trust.

If alternatively, I spend $150k on 10k CPMs of advertising on Big1stParty.com<http://Big1stParty.com> at $15/CPM targeted to IP addresses in the Spokane WA area from 4pm to 7pm local time – where's the beef?  I live in Atlanta.  If the ad buy was delivered correctly, I should see exactly ZERO of the ads.  How then does the purchaser have confidence that all 10k CPMs occurred?  Advertisers have this confidence because they traditionally pay on numbers that their system records, a log of "quality" deliveries.  But the obvious question is then – what about the seller?  How does he have confidence in the buyer's numbers?  Couldn't the buyer have just thrown away 5k impressions as invalid so as to avoid paying for them?  MRC is the answer here.  MRC will give both parties confidence that they have a common frame of reference from which to conduct business.  The buyer (and/or seller) will have his system MRC certified and there is an agreed upon counting standardto use as a basis for payment.

If you are suggesting that accommodating MRC audits shouldn't play a role in these discussions, the argument is akin to saying no one should certify scales in the commodities market.

-Brooks
--

Brooks Dobbs, CIPP | Chief Privacy Officer |KBM Group| Part of the Wunderman Network
(Tel) 678 580 2683<tel:678%20580%202683> | (Mob) 678 492 1662<tel:678%20492%201662> | kbmg.com<http://kbmg.com>
brooks.dobbs@kbmg.com

<image[50].png>

This email – including attachments – may contain confidential information. If you are not the intended recipient,
 do not copy, distribute or act on it. Instead, notify the sender immediately and delete the message.

From: Jeffrey Chester <jeff@democraticmedia.org<mailto:jeff@democraticmedia.org>>
Date: Saturday, October 20, 2012 4:49 PM
To: "Weaver, Richard" <rweaver@comscore.com<mailto:rweaver@comscore.com>>
Cc: John Simpson <john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>>, Amy Colando <acolando@microsoft.com<mailto:acolando@microsoft.com>>, "public-tracking@w3.org<mailto:public-tracking@w3.org>" <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: Re: Proposed Text for Local Law and Public Purpose
Resent-From: <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Saturday, October 20, 2012 4:50 PM

Thanks.  I hope we aren't suggesting that somehow industry set guidelines for its own MRC should in any way impact our work to provide user choice in a meaningful manner for DNT.  The MRC is a media/industry industry run initiative, involved in a wide range of TV and online measurement tools that play a key role in the user targeting experience:  http://mediaratingcouncil.org/Accredited%20Services.htm

Companies involved with the Council include Google, Disney, Adobe, comScore, AOL, Microsoft, Yahoo, etc.   I suggest that it's guidelines do not reflect the privacy concerns addressed by this group.  The history of ratings, as many of us know, has been quite controversial (such as Hispanic measurement).  Congress has been critical of many of the industry practices.    Is someone suggesting that there be a data retention source period for one year or more to please the MRC?




Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org<http://www.democraticmedia.org/>
www.digitalads.org<http://www.digitalads.org/>
202-986-2220<tel:202-986-2220>

On Oct 17, 2012, at 5:26 PM, Weaver, Richard wrote:




I hope Chris Mejia won’t mind that I’m cutting and pasting his previous description of MRC:


According to the Media Rating Council (MRC), the normal retention period for "source data" required for industry accreditation of third-party audience estimates is 1-year, as documented in their published standards: "Minimum Standards for Media Rating Research" (available for download at http://mediaratingcouncil.org/MRC%20Standards.htm).  Depending on the case however (and on a case-by-case basis), special concessions may be made outside of this standard from time to time as deemed appropriate by the CPAs/auditor and the MRC.

About the MRC, their mission and authority:
In the early 1960’s a U.S. Congressional Committee held hearings on the purpose and accuracy of audience research and considered regulation related to the TV and Radio industries.  These public hearings are commonly referred to as the “Harris Committee Hearings on Broadcast Ratings.”  After investigation and extensive testimony the Committee determined that Industry self-regulation, including independent audits of rating services was preferable to government intervention.  The Harris Committee hearings resulted in the formation of an Industry-funded organization to review and accredit audience rating services called the Broadcast Rating Council (now referred to as the MRC).

Aligned with the actions deemed necessary by the House Committee, the activities of the MRC include:

  *   The establishment and administration of Minimum Standards for rating operations;
  *   The accreditation of rating services on the basis of information submitted by such services; and
  *   Auditing, through independent CPA firms, of the activities of the rating services.


The Media Rating Council seeks to improve the quality of audience measurement by rating services and to provide a better understanding of the applications (and limitations) of rating information.  The Bylaws of the MRC document the organization’s mission as: “to secure for the media industry and related users audience measurement services that are valid, reliable and effective; to evolve and determine minimum disclosure and ethical criteria for media audience measurement services; and to provide and administer an audit system designed to inform users as to whether such audience measurements are conducted in conformance with the criteria and procedures developed.”  This mission was established with the support of the House Committee.

More on the MRC at http://mediaratingcouncil.org/History.htm






Richard Weaver Deputy Privacy Officer | comScore, Inc. (NASDAQ:SCOR)
o +1 (703) 438-2354<tel:%2B1%20%28703%29%20438-2354> | rweaver@comscore.com<mailto:rweaver@comscore.com>
...........................................................................................................



Introducing Mobile Metrix 2.0 - The next generation of mobile behavioral measurement
www.comscore.com/MobileMetrix<http://www.comscore.com/Products_Services/Product_Index/Mobile_Metrix_2.0>




From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Wednesday, October 17, 2012 5:14 PM
To: Amy Colando
Cc: public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: Re: Proposed Text for Local Law and Public Purpose

I'm sorry, maybe I missed something -- it certainly wouldn't be the first time -- but what is MRC accreditation?


----------
John M. Simpson
Consumer Advocate
Consumer Watchdog
2701 Ocean Park Blvd., Suite 112
Santa Monica, CA,90405
Tel: 310-392-7041<tel:310-392-7041>
Cell: 310-292-1902<tel:310-292-1902>
www.ConsumerWatchdog.org<http://www.ConsumerWatchdog.org/>
john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>

On Oct 17, 2012, at 1:46 PM, Amy Colando (LCA) wrote:


Hi John.

This was intended to address the MRC accreditation scenario that was previously raised.

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Wednesday, October 17, 2012 1:19 PM
To: Amy Colando (LCA)
Cc: public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: Re: Proposed Text for Local Law and Public Purpose

Amy,

A clarifying question: Can you please give a use case for what sort of data would be collected for "relevant self-regulatory requirements"?
Thanks,
John

----------
John M. Simpson
Consumer Advocate
Consumer Watchdog
2701 Ocean Park Blvd., Suite 112
Santa Monica, CA,90405
Tel: 310-392-7041<tel:310-392-7041>
Cell: 310-292-1902<tel:310-292-1902>
www.ConsumerWatchdog.org<http://www.ConsumerWatchdog.org/>
john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>

On Oct 17, 2012, at 8:05 AM, Amy Colando (LCA) wrote:



Apologies that I have lost track of Action number, which I will look up later.  Many thanks to Vinay, MeMe and David W. for assisting with this text.

6.1.1.9 Compliance with Local Law and Public Purpose

Normative: Regardless of DNT signal, information MAY be collected, retained, used and shared for complying with applicable laws, regulations, legal obligations and other public purposes, including, but not limited to, intellectual property protection, delivery of emergency services, and relevant self-regulatory verification requirements.

Non-normative: This specification does not purport to require parties to breach existing contractual obligations.  At the same time, it is expected that parties implementing this specification should not enter into new contractual obligations that have the effect of circumventing specification requirements. This specification recognizes that there are legitimate self-regulatory regimes that both protect consumer interests and govern certain data practices, and the specification does not intend to conflict with these regimes. However, parties should whenever possible adhere to the letter and spirit of this specification, and should not look to such regimes as merely a means to circumvent the specification.