Re: Action 229 - Data Append Definition

Under the EFF/Mozilla/Stanford compromise proposal, all but one of these use cases might not require an additional (and potentially quite broad) data append exception.

Example 1: Much like widgets are promoted to first party status once the user "meaningfully" interacts with them, Nike could become a first party once the user submits his or her shoe purchase information.

Example 3: A company that provides a geocoding API might qualify as a service provider.

Example 4: Same as Example 3, but with an IP geolocation API.  Coarse first-party IP geolocation is explicitly allowed.

Example 5: A user can always grant permission for a particular information practice, like the opt-in demographic sharing in this example.


On Tuesday, September 4, 2012 at 10:21 PM, Chris Pedigo wrote:

> Hello all.  In an effort to focus our conversation about whether “data append” practices should be allowed/disallowed in the standard, I was tasked with providing a crisp definition of “data append.”  I’ve also included a few use cases which I hope will further help the discussion.
>   
> Potential definition of Data Append:  the act of adding new information acquired from a third party to information collected about a website visitor.   
>   
> Use Cases:  Current business practices that would qualify as a “data append” vary greatly in scope, utility and function.  For example:
>   
> 1)      Firstparty.com (http://Firstparty.com) partners with Nike.  When a customer buys a Nike shoe, they get 6 months free of a health-related service on the firstparty.com (http://firstparty.com).  The customer must visit firstparty.com (http://firstparty.com) and enter a code to receive the service.  When the customer visits Firstparty.com (http://Firstparty.com), they enter the code which firstparty.com (http://firstparty.com) matches up to the sale of the Nike shoe.  The process of matching up a code with the offline sale would be considered a data append.  With restrictions on data append, DNT:1 users would not be able to participate in promotional campaigns.
>    
> 2)      Firstparty.com (http://Firstparty.com) has a large database of customers.  Occasionally, they buy data from a third party to clean up the database (purge bad email addresses, correct address information, etc).  This would be considered a data append.
>    
> 3)      A user wants to create an account on Firstparty.com (http://Firstparty.com).  They type in their address and firstparty.com (http://firstparty.com) uses a third party data provider to automatically fill-in the zip code.  That would be a data append.    
>   
> 4)      Firstparty.com (http://Firstparty.com) sells flowers via business relationships with florists around the country.  When the user visits the site, firstparty.com (http://firstparty.com) might use a third party that matches the user’s IP address with the user’s likely location within a metropolitan area.  The location information is then used to customize the inventory available to that customer.  This practice would also be a data append.
>   
> 5)      Firstparty.com (http://Firstparty.com) might acquire data from a third party about the demographics and behavior of firstparty.com (http://firstparty.com)’s users.  The third party collected the data after users opted in.  This would be considered a data append despite the fact that users opted in to the third party data collection.
>   
>   
> Chris Pedigo
> VP, Government Affairs
> Online Publishers Association
> (202) 744-2967
>   
>  
>  
>  
>  

Received on Tuesday, 4 September 2012 21:24:26 UTC