- From: Marc Groman <mgroman@networkadvertising.org>
- Date: Sat, 29 Jun 2013 10:49:59 -0400
- To: Dan Auerbach <dan@eff.org>
- Cc: public-tracking@w3.org
- Message-Id: <D29C8D4E-400B-40BF-B551-FEB63667E18B@networkadvertising.org>
Dan, I know that Shane Wiley, Chris Mejia, Heather West, and many others are on vacation all next week as well. We'll discuss these issues on Wednesday, but we agree that there should be an additional opportunity for discussions before decisions are made. As you note, these are important issues and I'm looking forward to working with you and the entire Working Group. Have a great weekend. Marc --- Marc M. Groman Network Advertising Initiative | Executive Director and General Counsel 1634 Eye St. NW, Suite 750 Washington, DC 20006 P: 202-835-9810 | mgroman@networkadvertising.org On Jun 28, 2013, at 11:14 PM, Dan Auerbach wrote: > Hi Peter and everyone, > > I'm unfortunately on vacation next week and won't be available for this call. I have given a lot of thought and energy to the de-identification and unique id issues, so would like the opportunity to further discuss the following week once I'm back before any decisions are made. I will catch up with the minutes. I'd love to get to agreement on these issues, but they are tough and important, so we need to proceed carefully. > > Below are some quick comments addressing some of your questions: > > On 06/28/2013 02:56 PM, Peter Swire wrote: >> To the Working Group: >> >> W3C staff and I express appreciation for the hard and high-quality work that so many of you have put into submitting change proposals to the June Draft. This email alerts you to the initial work plan, for the coming week. We wanted to give you this information as soon as possible, and plan to circulate as soon as we can a more complete work plan through the end of July. >> >> For the call on Wednesday, July 3, we once again may go for up to 120 minutes if ittakes that long to complete the agenda. We will attempt to keep the call to the usual 90 minutes if we can. This email sets forth the current plan for the Wednesday call. >> >> De-identification. >> >> Perhaps not surprisingly in light of all the work done on the issue, the first topic will be to examine and discuss the multiple proposals on de-identification, as well as other provisions relating to identification. >> >> For this discussion, and comments on the list before Wednesday, we will address the change proposals, alphabetically from: Dan Auerbach, Rob van Eijk, Roy Fielding, and Thomas Schauf, as well as the DAA group. >> >> For the discussion, and comments prior to Wednesday, it would be helpful to comment on issues including: (1) how to choose between two- and three-stage proposals; > > I think the 2 stage proposal is simpler. If we move to a 3 stage proposal, the onus is on those advocating for this to (1) properly define the yellow stage, and (2) prove that it is useful to the group to have 3 stages. > > Regarding (1), I do not think it has been sufficiently defined. For example, what is a "suspect query string" in a URL? What are operational controls? What granularity is the geo information that supplants IP address? What rigorously defined properties does a yellow stage possess with respect to risk towards privacy that a red stage lacks? These are hard questions, and I'm not sure we will be able to answer them rigorously enough. > > Regarding (2), I don't think adding a stage has reduced our disagreement, but rather just shifted it. Whereas in the two stage process, we disagreed about the definition of de-identification and how it would apply to non-normative examples, with a three stage process, we now disagree with how much value the yellow stage has. Modulo definitional issues, I'm comfortable with a yellow stage as stated, provided it is used in an incredibly limited way and things move very quickly to green. I suspect that Shane disagrees with this, and thinks there is a lot of value in yellow. Given that we've just shifted disagreement, I'm not sure it's really a step forward. > > Also as a matter of politeness, since we agreed in Sunnyvale that we would come up with a new name for "yellow" given that both "de-identified" and "pseudonymous" were too contentious, I'd appreciate it if we could avoid using the latter two terms when talking about the 3 state proposal. Let's just use the placeholder "yellow" until we agree on what the state should be called. > >> (2) the pros and cons of the DAA proposed changed language, compared to the longstanding focus on language similar to the FTC’s three-part test; (3) clarifying any similarities and differences between Rob’s approach and the other two; and (4) how to think about the use of non-normative text here inaddition to normative text. > On (4), I very much agree with Adrian's comment on a call that if we can't begin to see close to eye to eye with respect to non-normative examples, it would be unwise to fool ourselves into thinking we have agreement. We have a concrete use case that is in contention that doesn't strike me as an edge case: a browsing history tied together by unique identifiers that stretches over a long time span, and has some fields altered, for example IP->Geo. Is this de-identified or not? If we can't answer that question, we don't have a good idea of what we are trying to define by the term. > >> >> Identification and Unique Identifiers. >> >> Another issue on identification and de-identification concerns the June Draft text that “Third parties MUST NOT rely on unique identifiers for users or devices if alternative solutions are reasonably available.” >> >> Amy Colando proposed a change to add “technically feasible” after “reasonably available.” >> >> The DAA group proposed deleting this provision entirely. >> >> For this discussion, it would be helpful to have comments and discussion on issues including: (1) the clarity (or lack thereof) of “reasonably available” and “technically feasible”; (2) evidence that such alternatives are available today or may soon be available; and (3) reasons for or against shifting to alternatives if they become “reasonably available” and/or “technically feasible.” > My biggest problem with this language is the lack of clarity regarding "technically feasible" and "reasonably available", and it's puzzling since no-unique-id solutions exist today. After discussion with various people, I don't think that it's too high a bar to forego the use of unique ids for DNT:1 users, except in one-off situations. For example, large successful ad companies have existed which do not use unique ids. I have yet to hear a compelling need, but for web companies that may have one that hasn't been raised in this working group, they are free to not implement this voluntary tracking standard. > >> >> The DAA Group proposal. >> >> After these discussions, the DAA group is invited to explain to the group its overall proposal for a path forward to Last Call. As I understand it, the DAA group has presented an integrated, overall proposal, where it would support what essentially is a package of proposed changes to the June Draft. >> >> With a presentation of this integrated package, the group can ask questions to clarify the multiple proposed changes, and begin a process of identifying areas where others in the group may agree to the proposal, or an amended version of theproposal, or else articulate reasons why they would not join a consensus on the proposal. >> >> In terms of work leading up to Wednesday’s call, please make proposed language changes directly to the wikis, while explaining the rationale for changes to the full list. >> >> Thank you, and information on other next steps will follow. (I note, however, that I likely will have limited connectivity this weekend.) >> >> Peter >> >> P.S. Please feel free to be working on the other change issues as well, as a way to move forward as effectively as possible. The point of this email is to highlight the group work in the coming days. >> >> >> >> >> >> Prof. Peter P. Swire >> C. William O'Neill Professor of Law >> >> Ohio State University >> 240.994.4142 >> www.peterswire.net >> >> Beginning August 2013: >> Nancy J. and Lawrence P. Huang Professor >> Law and Ethics Program >> Scheller College of Business >> Georgia Institute of Technology >> >
Attachments
- text/html attachment: stored
- image/gif attachment: logo_NAI.gif
Received on Saturday, 29 June 2013 14:50:57 UTC