Re: made by the user

To provide some context, this language dates at least as far back as the October 2012 Working Draft of the Compliance doc. I believe the intent was to define the concept of requests made by the user to include HTTP requests -- like loading widgets or web pages. We might casually say that a user (through a user agent) made a request to load an ad, even though a user didn't specifically have knowledge of the URL of the ad iframe or the set of HTTP steps.

That being said, neither the editors' draft nor the June draft make any normative use of "made by the user". Instead, our drafts have referred to "network transaction" or "network interaction". Definitions of first/third party have included concepts of user intention or expectation (what I take Chris to be referring to below) but not with the "made by" terminology. I suspect we can leave this to the editors or return to it during cleanup, but we may be able to remove this phrase definition if it isn't used.


On Jun 13, 2013, at 7:26 AM, Chris Mejia <> wrote:

> With respect to:
> "A user is an individual human. When user agent software accesses online resources, whether or not the user understands or has specific knowledge of a particular request, that request is "made by the user."
> I believe there is a fundamental disconnect in the definition of "made by the user".  If the user is an individual HUMAN, yet has no specific knowledge of a particular request, then that request can't possibly be made by the user/a human.  If the user/human has no specific knowledge of a particular request, that request does NOT represent a user/human interaction-- it would rather represent a device/technilogical interaction.
> Chris

Received on Friday, 14 June 2013 01:24:02 UTC