W3C home > Mailing lists > Public > public-tracking@w3.org > December 2013

Re: Chairs' decisions on Calls for Objection on tracking/party definitions (ISSUE-5, ISSUE-10)

From: Justin Brookman <jbrookman@cdt.org>
Date: Wed, 18 Dec 2013 11:43:26 -0500
Cc: <public-tracking@w3.org>
Message-Id: <4AC3C3F4-6F7E-4681-B6F0-6EA83D5BA876@cdt.org>
To: "Mike O'Neill" <michael.oneill@baycloud.com>
Hi Mike, I appreciate the feedback.  A couple thoughts below (not vetted by other Chairs, so perhaps they disagree with me).  More discussion is welcome.

On Dec 18, 2013, at 11:22 AM, "Mike O'Neill" <michael.oneill@baycloud.com> wrote:

> Justin,
>  
> Here are my immediate thoughts on the basis of the chairs’ decision.
>  
> It is not correct that “the Working Group’s understanding [is] that Do Not Track is not fundamentally intended to limit data collection and use by first parties”. The long standing intention is that DNT should limit the use of collected data by first parties by at least not permitting sharing of it with other parties.

Yes, but that language is just designed to prevent workarounds to the standard by which parties could still do cross-site tracking.  It doesn't envision any limitations on what the first party can do with the data itself for its own purposes, nefarious or benign.  Option B runs counter to that notion.

>  
> My objection was to the ambiguity of Option A which can be read as allowing activity data being collected and retained by anyparty (i.e. third-parties or first-parties), if it was derived solely from within that context. This immediately requires the definition of not only “contexts” but also the definition of data that has been tainted through its association with other contexts, and this could further delay the process of getting to LC.

We will be discussing whether we need to define or further describe context on the call today.  It would be very helpful if you could present specific textual proposals, though we're not going to adopt a definition of context that radically changes the definition we just agreed to.  I think that data that has been "tainted through its associations with other contexts" would constitute tracking under our definition, though if you want to suggest refining language, I'll bring it to the group to consider.

To be clear, not saying you should have textual proposals by noon EST today!  But as we move the new issue through the process, specific ideas (as early as possible!) would be appreciated.

>  
> This problem arises from trying to smuggle a particular compliance interpretation into the definition of tracking. A better way might be to have non-normative text saying that the DNT header (with the UGE API) has been designed to be primarily a cross-domain signalling mechanism which can be overridden by assumed consent in specific situations as described in the relevant compliance document, or by actual consent signalled by other mechanisms.

We are not trying to smuggle any compliance notions into the definition of tracking!  We are merely trying to articulate what the signal is designed to convey, and to whom.  The consensus of this group has been that the signal is not designed to tell first parties to not collect data about them.  For that reason, there were stronger objections to Option B.  I'm not entirely sure I understand the non-normative text you're suggesting, but if it's intended to say that DNT is meant to be a cross-domain signal to turn off first party data collection and use, I do not think that would be consistent with the group's decision (and I would argue long-standing agreement) on this issue.

>  
>  
> Mike
>  
>  
>  
> From: Justin Brookman [mailto:jbrookman@cdt.org] 
> Sent: 18 December 2013 03:43
> To: public-tracking@w3.org (public-tracking@w3.org)
> Subject: Chairs' decisions on Calls for Objection on tracking/party definitions (ISSUE-5, ISSUE-10)
>  
> Hello all, we announced the results of the Calls for Objection on tracking and party definitions on last week's call --- the chairs decided that Option A on both had the least strong objections, and would be added as definitions to both the TPE and TCS.  I'm attaching brief explanatory memoranda on both ISSUES that address the group members' substantive objections in some more detail.  I don't expect to discuss the merits of these issues on the call tomorrow, though if there are questions about what the decisions mean for the work going forward, feel free to bring them up!  Thanks again to all for their contributions and hard work on finalizing the TPE document for last call; I do believe the end is in sight.
>  
>  
Received on Wednesday, 18 December 2013 16:44:03 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:20 UTC