- From: Nicholas Doty <npdoty@w3.org>
- Date: Wed, 26 Jun 2013 18:21:21 -0700
- To: "Amy Colando (LCA)" <acolando@microsoft.com>, Brooks Dobbs <brooks.dobbs@kbmg.com>, Alan Chapell <achapell@chapellassociates.com>
- Cc: "public-tracking@w3.org public-tracking@w3.org" <public-tracking@w3.org>
- Message-Id: <6907E31C-530E-4B90-9DCE-0864C73BA365@w3.org>
Hi Amy, Brooks, Alan, I've created issue 209 on the June Compliance product to track this issue. (The group has often considered these sorts of introductions to be editorial, but since we already have two proposals in the queue on this topic I thought it wouldn't hurt to create an issue out of caution.) This wiki page includes the change proposals below, along with the current text in the editors' draft: http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Scope Thanks, Nick On Jun 26, 2013, at 5:50 AM, "Amy Colando (LCA)" <acolando@microsoft.com> wrote: > Microsoft has attempted to review the June Draft Compliance Specification within the time allowed by the chairs, and may have additional comments based on issues raised by others. In the meantime, we are submitting our Change Proposals on a Section by Section basis for consideration by TPWG participants. > > SECTION 1: SCOPE > * Virtually the only place that the defined term of "Tracking" is used in the document (besides the title) is in Section 1. The defined term of "Tracking" is very broad and exceeds the scope of third party tracking that the specification addresses. We propose modifying the following sentence by adding "third party" so that readers are aware that the goal behind restrictions on collection and use of data in this specification are primarily third party limitations: > > Do Not Track is designed to provide users with a simple preference expression to allow or limit online THIRD PARTY tracking globally or selectively. On Jun 26, 2013, at 8:56 AM, "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com> wrote: > Alan Chapell and I share the concern that the opening sentence of the June draft is demonstrably inaccurate and is silent on a fundamental element of the spec. > > It currently starts: > > Section 1. Scope > Do Not Track is designed to provide users with a simple preference expression mechanism to allow or limit online tracking globally or selectively. … > > This is inaccurate because there are no compliance requirements to enable the expression of allowance, either selectively or globally. It may have been decided not to mandate DNT:0 as a UA requirement or make UGEs a requirement, but so long as such requirements do not exist, the Scope should not state that it was "designed" to provide them. > > Additionally as the document poses such dramatically different compliance obligations for 1st and 3rd parties, it seems to me to be entirely appropriate to at least mention this fundamental change in what compliance means in the different contexts within the Scope. > > I propose starting as follows: > > 1. Scope > Do Not Track is designed to provide users with a simple preference mechanism to limit online tracking relative to the collector being a 1st or 3rd party to the user. Do Not Track further lays the groundwork for how a user MAY express the allowance of tracking either globally or selectively. … > > To be clear, I am not commenting on the correctness of the 1st/3rd party requirements or the lack of mandate for DNT:0/UGE, but, as the spec currently stands, a change would seem in order. > > -Brooks
Received on Thursday, 27 June 2013 01:21:34 UTC