- From: Mike O'Neill <michael.oneill@baycloud.com>
- Date: Thu, 20 Jun 2013 22:21:10 +0100
- To: "Nicholas Doty" <npdoty@w3.org>
- Cc: <public-tracking@w3.org>
- Message-ID: <009801ce6dfc$163e4950$42badbf0$@baycloud.com>
Hi Nick,

Here are my change proposals to the TPC June Draft.

Mike

1. Scope

Replace the term "user-granted exception" with "user-granted tracking consent" throughout the document.

Justification. The word "exception" has a particular meaning in the context of software program flow and will be confusing here, particularly when JavaScript issues are discussed. It is also not always an exception to a DNT general preference because it can be specified when the general preference is unset.

2. Definitions

In paragraph 5 a new item 3:

3. has no independent right to use or share the data.

Justification. The current wording is too broad, especially when applied to data sharing. It could be read as saying that data could be shared in order for "correct operation", which could be construed to be for almost any purpose. The ability to use a third party for security and integrity etc. is already covered by item 2 "and used as directed by that client". This is important because the use of persistent identifiers in first-party contexts will take over the tracking role from third-party cookies and there will be pressure for them to be shared to support cross-domain tracking.

A new set of definitions for persistent identifiers and duration. The term "unique user identifier" should be replaced by "persistent identifier" throughout the document.

A persistent identifier is an arbitrary value held in the User-Agent whose purpose is to identify the User-Agent in subsequent transactions to a particular web domain. It may be encoded, for example, as the name or value attribute of an HTTP cookie, as an item in localStorage, or recorded in some way in the cache.

The duration of a persistent identifier is the maximum period of time it will be retained in the User-Agent. This could be implemented, for example, using the Expires or Max-Age attributes of an HTTP cookie so that it is automatically deleted by the User-Agent after the specified time period is exceeded.

Justification. The original name in the TPC was "persistent identifier", which is a better term, though it still needs defining. An identifier may not need to be unique in order for it to be used for tracking, but it would have to be persistent. We should qualify permitted uses so the duration of any persistent identifiers is purpose limited.

3. User Agent Compliance

In paragraph 1 replace "Do Not Track preference" with "Do Not Track general preference".

Justification. This is to differentiate the DNT:0 case, which could be optional for a general preference but required for a site-specific tracking consent indication, i.e. created as a result of calling the API.

A new paragraph 3:

A user agent MUST have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the decision to use that agent, or another default preference is needed in order to comply with applicable laws, regulations and judicial processes.

Justification. The original wording in the TPE, allowing the choice of a privacy-oriented user-agent, was better, so why lose it, and it is possible that rights-based jurisdictions like the EU with an assumed right to privacy may require user-agents be supplied with DNT set by default.

In paragraph 4 remove "MUST ensure that the tracking preference choices describe the parties to whom DNT applies".

Justification. This is unclear. If it is about the difference between first and third parties then it is irrelevant in Europe.

4. First Party Compliance

Replace sentence 1 of paragraph 1 with:

If a first party receives a DNT:1 signal it may react to it as if it were a third-party as described in section 5 below, for example in order to comply with applicable laws, regulations and judicial processes. Otherwise it MAY engage in its normal collection and use of information.

Remove paragraph 3.

Justification. First-parties may be required to follow third-party procedures, or may elect to do so off their own bat.

5. Third Party Compliance

In paragraph 1, in both items 1 and 2, remove "and any explicitly-granted exceptions".

Justification. A UGE (or tracking consent) will result in DNT:0 anyway, so this does not apply here.

Remove paragraphs 5 and 7.

Justification. No data should be collected when DNT is set unless it is for a permitted use. If "and otherwise be linked to" ends up being removed from the definition of de-identified data then this could create a gaping hole in the standard.

5.1.2 Data Minimisation, Retention and Transparency

New paragraph 4:

If persistent identifiers are used then their duration should be limited to the maximum necessary for such permitted use.

Justification. If a permitted use requires a persistent identifier then it does not need to exist beyond the purpose of the permitted use. For example, if it is necessary to detect unique visitors for frequency capping, the duration could be no more than some number of minutes.

5.2 Permitted Uses

Add a new paragraph 5:

If a persistent identifier is required for any permitted use, for example in order to identify a unique visitor for billing or frequency capping purposes, the duration of the persistent identifier should be limited to the maximum necessary for such permitted use.

Justification. Same as above.
Received on Thursday, 20 June 2013 21:22:12 UTC
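The persistent-identifier definition and the purpose-limited duration rule proposed in the message above, as an added Python example that is not code from the e-mail or from any W3C draft: a server-side helper reads the DNT header, sets a cookie-encoded identifier only where the message's rules would allow it, and bounds the cookie's Max-Age by an assumed per-purpose cap, plus a checker that audits an existing Set-Cookie header against that cap. The purpose names, the cap values, the site default and all function names are assumptions for illustration.

```python
import re
import secrets

# Assumed retention caps per permitted use, in seconds (illustrative values, not from any spec).
PERMITTED_USE_MAX_DURATION = {
    "frequency_capping": 10 * 60,   # a few minutes suffices to count a unique visitor
    "billing": 24 * 60 * 60,        # one billing day
}
# Assumed site default for cookies set with consent (DNT:0) or an unset preference.
DEFAULT_MAX_DURATION = 30 * 24 * 60 * 60


def tracking_preference(headers):
    """Map the DNT request header to 'unset', '1' (do not track) or '0' (tracking consent)."""
    value = headers.get("DNT")
    if value is None:
        return "unset"
    value = value.strip()
    return value if value in ("0", "1") else "unset"


def persistent_identifier_cookie(headers, purpose, name="pid"):
    """Build a Set-Cookie value for a persistent identifier, or None when DNT:1 is
    received and the purpose is not a listed permitted use (no identifier is set)."""
    pref = tracking_preference(headers)
    cap = PERMITTED_USE_MAX_DURATION.get(purpose)
    if pref == "1" and cap is None:
        return None
    if cap is None:
        cap = DEFAULT_MAX_DURATION  # consent or unset preference: site default applies
    token = secrets.token_urlsafe(16)  # arbitrary value, as in the proposed definition
    return f"{name}={token}; Max-Age={cap}; Path=/; Secure; HttpOnly; SameSite=Lax"


def max_age_of(set_cookie):
    """Extract the Max-Age attribute (seconds) from a Set-Cookie header value, or None."""
    m = re.search(r";\s*Max-Age=(\d+)", set_cookie, re.IGNORECASE)
    return int(m.group(1)) if m else None


def duration_within_cap(set_cookie, purpose):
    """True only if the cookie carries a Max-Age no larger than the purpose's cap;
    a session cookie or a cookie without Max-Age has no bounded duration and fails."""
    cap = PERMITTED_USE_MAX_DURATION.get(purpose)
    age = max_age_of(set_cookie)
    return cap is not None and age is not None and age <= cap
```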