- From: Jonathan Mayer <jmayer@stanford.edu>
- Date: Tue, 4 Sep 2012 23:23:14 +0200
- To: Chris Pedigo <CPedigo@online-publishers.org>
- Cc: "public-tracking@w3.org" <public-tracking@w3.org>
- Message-ID: <99370A1C8DD54AFAAFCAEEA06038D743@gmail.com>
Under the EFF/Mozilla/Stanford compromise proposal, all but one of these use cases might not require an additional (and potentially quite broad) data append exception. Example 1: Much like widgets are promoted to first party status once the user "meaningfully" interacts with them, Nike could become a first party once the user submits his or her shoe purchase information. Example 3: A company that provides a geocoding API might qualify as a service provider. Example 4: Same as Example 3, but with an IP geolocation API. Coarse first-party IP geolocation is explicitly allowed. Example 5: A user can always grant permission for a particular information practice, like the opt-in demographic sharing in this example. On Tuesday, September 4, 2012 at 10:21 PM, Chris Pedigo wrote: > Hello all. In an effort to focus our conversation about whether “data append” practices should be allowed/disallowed in the standard, I was tasked with providing a crisp definition of “data append.” I’ve also included a few use cases which I hope will further help the discussion. > > Potential definition of Data Append: the act of adding new information acquired from a third party to information collected about a website visitor. > > Use Cases: Current business practices that would qualify as a “data append” vary greatly in scope, utility and function. For example: > > 1) Firstparty.com (http://Firstparty.com) partners with Nike. When a customer buys a Nike shoe, they get 6 months free of a health-related service on the firstparty.com (http://firstparty.com). The customer must visit firstparty.com (http://firstparty.com) and enter a code to receive the service. When the customer visits Firstparty.com (http://Firstparty.com), they enter the code which firstparty.com (http://firstparty.com) matches up to the sale of the Nike shoe. The process of matching up a code with the offline sale would be considered a data append. With restrictions on data append, DNT:1 users would not be able to participate in promotional campaigns. > > 2) Firstparty.com (http://Firstparty.com) has a large database of customers. Occasionally, they buy data from a third party to clean up the database (purge bad email addresses, correct address information, etc). This would be considered a data append. > > 3) A user wants to create an account on Firstparty.com (http://Firstparty.com). They type in their address and firstparty.com (http://firstparty.com) uses a third party data provider to automatically fill-in the zip code. That would be a data append. > > 4) Firstparty.com (http://Firstparty.com) sells flowers via business relationships with florists around the country. When the user visits the site, firstparty.com (http://firstparty.com) might use a third party that matches the user’s IP address with the user’s likely location within a metropolitan area. The location information is then used to customize the inventory available to that customer. This practice would also be a data append. > > 5) Firstparty.com (http://Firstparty.com) might acquire data from a third party about the demographics and behavior of firstparty.com (http://firstparty.com)’s users. The third party collected the data after users opted in. This would be considered a data append despite the fact that users opted in to the third party data collection. > > > Chris Pedigo > VP, Government Affairs > Online Publishers Association > (202) 744-2967 > > > > >
Received on Tuesday, 4 September 2012 21:24:26 UTC