- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Thu, 13 Jun 2013 22:37:23 +0200
- To: Craig Spiezle <craigs@otalliance.org>
- CC: 'Chris Mejia' <chris.mejia@iab.net>, public-tracking@w3.org
- Message-ID: <51BA2D83.2070506@schunter.org>
Hi Craig, thanks for clarifying. I personally agree that these questions are the right questions to ask. I also agree with your assessment. However, I am not sure whether can formalise necessary and sufficient conditions under which the use of a tool expresses a preference (i.e., a condition that says "use of a tool is an explicit expression of preference if and only if [text to be added]". Matthias On 13/06/2013 19:24, Craig Spiezle wrote: > > Fair point, but I think we need to look as some criteria > > ·What is the primary utility of a product / add on? > > ·How is it acquire / installed ? (pre-installed vs. purchase or download) > > In the case of a pre-installed browser one might suggest the primary > purpose is web browsing and searching, so for one pre-configured with > DNT=1 in the US is not compliant. It would be hard to conceive the > purchase of such a device was driven by a browser setting. > Conversely if one chooses to install a browser or add-on, not > pre-installed on their device in part due to the prominent positioning > of these privacy focused features(s) on by default one could argue > they made an explicit decision. > > *From:*Chris Mejia [mailto:chris.mejia@iab.net] > *Sent:* Thursday, June 13, 2013 9:09 AM > *To:* Matthias Schunter (Intel Corporation) > *Cc:* public-tracking@w3.org > *Subject:* Re: June Draft of the DNT compliance spec > > Hi Matthias, > > I'm concerned with: > > /"this is a very strong expression of a desire for privacy"/ > > It represents a slippery slope, open to personal interpretation, and a > certain vagueness that's hard to program for-- and thus should not be > in a tech spec. It would leave DNT compliance open for rather loose > interpretation-- and that would be a problem for publishers who are > left to make sense of this spec for their users. > > Here's a tangible and real example/concern, to support my point: > Microsoft is currently running strong television ads in some > jurisdictions around privacy. In some spots, they connect privacy, > even 'tracking protection,' to their IE10 product offering. Does that > make Microsoft's IE10 a "privacy browser", and are we now ok allowing > them to set/send DNT by default and be "compliant" with our spec? I > thought we already agreed, no, that's not ok. > > But if we allow this to be the case, what will keep any browser > company or other UA from simply saying that privacy is a key feature > of their browser and then also setting DNT by default, without any > real user action/understanding of the setting? Nothing. And then > DNT:1 will become ubiquitous, it will harm industry (especially > long-tail small publishers), and so on... > > Chris > > > On Jun 13, 2013, at 10:49 AM, "Matthias Schunter (Intel Corporation)" > <mts-std@schunter.org <mailto:mts-std@schunter.org>> wrote: > > Hi! > > my 2cents: > - From a user expectation point of view, I would expect that > whatever is turned on by private browsing (e.g., turning on DNT;1) > is then undone when I exit this mode (i.e., returning DNT to the > prior state). > > - The original intent (AFAIR) of the language I cited was to allow > installation of privacy tools (such as the anonymous browsing tool > "Tor") > and - since this is a very strong expression of a desire for > privacy - these tools may send DNT;1 by default. > Naturally, these tools MUST still need to implement the > exception API and provide a feature to return from DNT;1 to unset > or DNT;0. > > > Matthias > > On 13/06/2013 16:27, Alan Chapell wrote: > > Thanks Craig - > > I probably wasn't being clear enough in my question. As I > understand it, Safari turns on DNT automatically during a > Private Browsing session. I'm asking if DNT remains on, or is > turned off when the Private Browsing session ends. > > *From: *Craig Spiezle <craigs@otalliance.org > <mailto:craigs@otalliance.org>> > *Date: *Thursday, June 13, 2013 10:18 AM > *To: *Alan Chapell <achapell@chapellassociates.com > <mailto:achapell@chapellassociates.com>>, 'Justin Brookman' > <jbrookman@cdt.org <mailto:jbrookman@cdt.org>>, 'David Singer' > <singer@apple.com <mailto:singer@apple.com>> > *Cc: *'Shane Wiley' <wileys@yahoo-inc.com > <mailto:wileys@yahoo-inc.com>>, 'Peter Swire' > <peter@peterswire.net <mailto:peter@peterswire.net>>, > <public-tracking@w3.org <mailto:public-tracking@w3.org>> > *Subject: *RE: June Draft of the DNT compliance spec > *Resent-From: *<public-tracking@w3.org > <mailto:public-tracking@w3.org>> > *Resent-Date: *Thu, 13 Jun 2013 14:19:33 +0000 > > This is really determined by the browser vendor and or > user setting if "private browsing" (InPrivate, > Incognito...) is a session based or persistent setting. > > *From:*Alan Chapell [mailto:achapell@chapellassociates.com] > *Sent:* Thursday, June 13, 2013 7:07 AM > *To:* Justin Brookman; Craig Spiezle; David Singer > *Cc:* 'Shane Wiley'; 'Peter Swire'; public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:* Re: June Draft of the DNT compliance spec > > Thanks Justin. I was unaware of the Private Browsing feature. > > David, does Private Browsing turn on DNT automatically > during a private browsing session, and then turn it off > automatically once the private browsing session is over? > > *From: *Justin Brookman <jbrookman@cdt.org > <mailto:jbrookman@cdt.org>> > *Date: *Monday, June 10, 2013 12:37 PM > *To: *Craig Spiezle <craigs@otalliance.org > <mailto:craigs@otalliance.org>> > *Cc: *'Shane Wiley' <wileys@yahoo-inc.com > <mailto:wileys@yahoo-inc.com>>, Alan Chapell > <achapell@chapellassociates.com > <mailto:achapell@chapellassociates.com>>, 'Peter Swire' > <peter@peterswire.net <mailto:peter@peterswire.net>>, > <public-tracking@w3.org <mailto:public-tracking@w3.org>> > *Subject: *Re: June Draft of the DNT compliance spec > > Previously, I thought we had agreement that selection > of a special privacy-protective product or setting > could imply consent to send DNT:1 This agreement is > currently reflected in the TPE in Section 3: > http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#determining. > For example, I believe that Safari turns on DNT:1 > whenever someone engages "Private Browsing" mode, > despite no specific language about Do Not Track: > http://www.apple.com/safari/features.html > > However, that language/agreement may have been > subsumed by more recent discussions. > > On Jun 10, 2013, at 11:15 AM, "Craig Spiezle" > <craigs@otalliance.org <mailto:craigs@otalliance.org>> > wrote: > > > > > I apologize for possibly bringing up a closed issue, > but do you see a distinction between a browser or a > privacy / security enhancing product? I agree with > what is proposed by a browser, but see there might be > other scenarios where the consumer is making an > implied decision when acquiring a third party security > / privacy add-on?. > > Conceptually let's call the product Privacy and Data > Protector which by default out of the box offers > "maximized protection of your data collection and > privacy". Could one argue that one who purchases > such a product in effect is making an implied decision > to use such functionality. Better yet Ad-Block Plus? > > *From:*Shane Wiley [mailto:wileys@yahoo-inc.com > <http://yahoo-inc.com>] > *Sent:*Monday, June 10, 2013 7:17 AM > *To:*Alan Chapell; Peter Swire;public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:*RE: June Draft of the DNT compliance spec > > Friendly amendment suggestion: > > "...unless they have otherwise obtained consent from > the user to do so." > > - Shane > > *From:*Alan Chapell > [mailto:achapell@chapellassociates.com] > *Sent:*Monday, June 10, 2013 6:31 AM > *To:*Peter Swire;public-tracking@w3.org > <mailto:public-tracking@w3.org> > *Subject:*Re: June Draft of the DNT compliance spec > > Thanks Peter. I'm still generally uncomfortable that > DNT doesn't place requirements on First Parties. > > One item of particular concern that seems to have > fallen off the radar is the scenario where a party > collects data in a first party context and attempts to > use it in a third party context when DNT is enabled. I > thought there was agreement on this issue. However, I > keep raising it, and it doesn't seem to make it into > the drafts. Perhaps its implied in the language > "... customize the content, services, and advertising > in the context of the first party experience." > However, it is not clear enough, IMHO. > > To address, I offer the following language to Section > 4 (First Party Compliance). The new language is below. > > First Parties /must not/ use data collected while a > First Party when acting as a Third-Party when DNT = 1. > > Nick -- if I need to open up another issue on this, > please let me know. Thanks! > > Alan > > *From:*Peter Swire <peter@peterswire.net > <mailto:peter@peterswire.net>> > *Date:*Monday, June 10, 2013 7:47 AM > *To:*"public-tracking@w3.org > <mailto:public-tracking@w3.org>" > <public-tracking@w3.org <mailto:public-tracking@w3.org>> > *Subject:*June Draft of the DNT compliance spec > *Resent-From:*<public-tracking@w3.org > <mailto:public-tracking@w3.org>> > *Resent-Date:*Mon, 10 Jun 2013 11:47:58 +0000 > > To the Working Group: > > Attached please find a June Draft of the > compliance spec. The spec is also available at: > > http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-june.html > > This draft builds directly on the Consensus Action > Summary from the Sunnyvale F2F. Working closely > with W3C staff, and based on numerous discussions > with members of the WG, this June Draft is my best > current estimate of a document that can be the > basis for a consensus document in time for Last Call. > > The June Draft includes a number of_grammatical > and stylistic edits_to various provisions of the > previous working drafts. These sorts of edits > were done in hopes of adding clarity and good > writing to the provisions. In the spirit of > humility, W3C staff and I recognize that members > of the WG may spot substantive objections to these > stylistic edits -- let us work within a > constructive spirit of the working group process > to examine and, where appropriate, make changes to > these edits. > > The Draft also addresses the_four task > areas_included in the Consensus Action Summary. > In proposing language in the June Draft, my intent > and belief was to make good substantive judgments > about an_overall package_that may achieve > consensus, as well as item-by-item judgments about > what is substantively most defensible within the > context of the WG. Clearly, the group will need > to work through each piece of the text, members > can suggest alternatives, and we will need to > determine where and whether consensus exists. > > The June Draft contains_normative text but not > non-normative text_. In part, this reflects my > view that we have the best chance to work > constructively on a relatively short amount of > normative text. Proposed non-normative text can be > proposed for provisions in time for Last Call. As > a potentially useful alternative, W3C has various > mechanisms for publishing notes or other documents > that illuminate a standard. The best time for > detailed discussion of most non-normative text > quite possibly will be after Last Call. > > The June Draft discusses_only items that the W3C > WG can address_. Clearly, the actions of others > on these issues may be relevant to the overall > outcome. For instance, the DAA has discussed > changes to its code, including on its market > research and product development exceptions. > There has been discussion of a potentially useful > limit on any blocking of 3d party cookies for > sites that comply withDNT. There may also be new > and useful technical measures that would be > important to the future of advertising in a > privacy-protective manner. The text here, as > indicated, addresses what would be within the > compliance spec itself. > > W3C staff and I are working on further explanatory > materials that will seek to clarify the changes > here, and link the June Draft to the issues on the > WG site. > > The regular call this Wednesday will be an > opportunity for the Group to have an > initialdiscussion of the June Draft. To give > everyone a chance to review this material, we will > not be seeking to close compliance issues during > this Wednesday's calls. > > Thank you, > > Peter > > Prof. Peter P. Swire > > C. William O'Neill Professor of Law > > Ohio State University > > 240.994.4142 > > www.peterswire.net <http://www.peterswire.net> > > Beginning August 2013: > > Nancy J. and Lawrence P. Huang Professor > > Law and Ethics Program > > Scheller College of Business > > Georgia Institute of Technology >
Received on Thursday, 13 June 2013 20:53:05 UTC