Re: compliance section 2: scope & goals

I find that to be a very odd definition of "tracking".  Unless you actually
crawl through the data to "track" the behavior of one or more users, you
are not "tracking".  Collection and retention creates a pool of data that
could be used to accomplish tracking, but do not constitute "tracking".

--ronan


On Wed, Apr 17, 2013 at 1:54 PM, Aleecia M. McDonald <aleecia@aleecia.com>wrote:

> I am very close to being able to live with Justin's text, which is:
>
>         "Tracking" is understood by this standard as the collection and
> retention of data across multiple parties' domains or services in a form
> such that it can be attributed to a specific user, user agent, or device.
>
> My objection is to how we definitionally claim that first parties do not
> track. As I have said repeatedly, I find that intellectually dishonest.
> Certainly it violates users' understanding of tracking as well. However, I
> readily and cheerfully acknowledge the group is at long-standing view that
> very, very little is asked of first parties. I would address that in scope
> rather than definition, which works neatly with the section title.
>
> (A) I propose something along these lines:
>
>         "Tracking" is understood by this standard as the collection and
> retention of data by domains or services in a form such that it can be
> attributed to a specific user, user agent, or device. First parties can and
> do track users under this standard; they need only follow Section 4 in
> order to comply.
>
> This is not meant to be a large change or to change substance. It just
> turns the definition into something I can read aloud with a straight face.
>
> (B) To address concerns Roy has raised in the past, I support (but can
> live without) text that addresses "of course we don't mean routers." This
> could look something like:
>
>         "Tracking" is understood by this standard as the collection and
> retention of data by domains or services in a form such that it can be
> attributed to a specific user, user agent, or device, exempting any
> technical storage or access for the sole purpose of carrying out or
> facilitating the transmission of a communication over an electronic
> communications network. First parties can and do track users under this
> standard; they need only follow Section 4 in order to comply.
>
> (That additional text should look familiar: Art 5(3).)
>
> Something like (A) is important to me, and I will keep objecting until I
> am blue in the face. In contrast, I think (B) helps avoid confusion in
> later sections of the specifications and is a generally good addition, but
> at present I would not object if it were absent.
>
>         Aleecia
> /* Do we use the word "standard" here? Perhaps "recommendation" or
> "texts"? */
>

Received on Wednesday, 17 April 2013 18:09:02 UTC