- From: Dan Auerbach <dan@eff.org>
- Date: Tue, 19 Mar 2013 15:46:30 -0700
- To: public-tracking@w3.org
- Message-ID: <5148EAC6.7050203@eff.org>
Thanks for sending out the text, John. I think it would be conceptually clean if the "data append" discussion were to also cover linking of data received as a first party with data received as a third party.

Here's a concrete example. ExampleSocial has widgets embedded on other sites all over the web. A user who is signed into ExampleSocial may ordinarily get a personalized experience when browsing ("omg, here are your friends who also love justinbiebertotallyrules.com"). For DNT:1 users with no site exception for ExampleSocial, we must ensure that ExampleSocial cannot link the data it has received as a third-party with first party data. In other words, even if ExampleSocial receives a session cookie (or tracking cookie), it is NOT allowed to use that cookie to retrieve personal information in order to display a personalized widget on justinbiebertotallyrules.com, or in any way link any information from the request it receives on the third party site with first-party data.

If we forbid ExampleSocial this linking, we of course will have forbidden data append in this instance.

Dan

PS Miraculously, justinbiebertotallyrules.com doesn't appear to be a registered domain. Yet.

On 03/19/2013 03:10 PM, Jeffrey Chester wrote:
> DNT should halt the practice of digital data append data chaining that
> is now the norm in the industry. First and third parties have
> seamlessly integrated real-time and complex forms of data append--used
> for profiling, tracking, offers, etc. DNT:1 should signal to First
> parties: No append without informed prior consent. Otherwise DNT
> will be meaningless.
>
> Jeffrey Chester
> Center for Digital Democracy
> 1621 Connecticut Ave, NW, Suite 550
> Washington, DC 20009
> www.democraticmedia.org <http://www.democraticmedia.org>
> www.digitalads.org <http://www.digitalads.org>
> 202-986-2220
>
> On Mar 19, 2013, at 3:19 PM, Chris Pedigo wrote:
>
>> John, I continue to have many concerns about a “data append”
>> restriction. Below, I have addressed what I perceive to be two
>> concerns raised by proponents of a Data Append restriction. But, I
>> am curious to know if you have additional concerns or comments.
>>
>> 1) Concern: In the process of a 1st party acquiring data, the
>> 1st party may inadvertently share data with a third party (namely
>> that a DNT:1 user visited the 1st party’s site).
>>
>> I believe the standard already addresses this concern as 1st
>> parties are prohibited from sharing data with a 3rd party that it
>> could not otherwise collect for its independent use. Indeed, many
>> “data appends” are conducted today using a double blind approach so
>> that the 3rd party never sees the 1st party data. In some cases,
>> the 3rd party may see the data, but it would be contractually
>> prohibited from using the data for its own use. Thus, it could
>> qualify under the service provider provision (contract + no
>> independent right to use data). Regardless of today’s practices, the
>> prohibition on 1st parties sharing data would address this concern.
>>
>> 2) Concern: 1st parties should be prohibited from building
>> profiles about its users.
>>
>> My concern with this kind of prohibition is that it would be
>> completely inappropriate and out of scope for DNT. In a world where
>> 1st parties cannot share data and 3rd parties cannot collect data
>> about DNT:1 users, there are only certain kinds of data sets that
>> would remain available to be appended – publicly available data, data
>> collected with consent, off-line data and pre-DNT data. I think
>> there is broad agreement that none of these data sets should be
>> restricted by DNT. Moreover, we have already largely exempted 1st
>> parties from DNT, because consumers have different expectations with
>> regard to 1st parties. They have a direct relationship with the
>> 1st party since they chose to visit the site and consumers have
>> fundamental choices about the sites they can visit (or not visit).
>>
>> Also, let’s take this one step further – what happens after a
>> publisher has learned more about its audience? Under the rules of
>> DNT, it still cannot share data about DNT:1 users. So, how would a
>> publisher use this appended data set for its internal purposes?
>> There are a few ways it would be used – 1st party marketing,
>> audience measurement and content personalization are the primary
>> purposes. IMO, none of these uses violate a user’s expectations.
>>
>> In summary, I think DNT is useful because it provides a clean, easy
>> way to express a preference with regard to 3rd party data
>> collection. We should remain focused on providing this basic
>> functionality.
>>
>> *From:* Ian Fette (イアンフェッティ) [mailto:ifette@google.com]
>> *Sent:* Tuesday, March 19, 2013 1:05 PM
>> *To:* David Singer
>> *Cc:* Working Group
>> *Subject:* Re: DNT:1 and "data append"
>>
>> David,
>>
>> John's text was explicitly proposing restrictions on first parties.
>> ("A 1st Party MUST NOT...")
>>
>> On Mon, Mar 18, 2013 at 6:16 PM, David Singer <singer@apple.com> wrote:
>>
>> On Mar 18, 2013, at 15:52 , Ian Fette (イアンフェッティ)
>> <ifette@google.com> wrote:
>>
>> Presumably there would be some carve-outs here? E.g. if you come to
>> my site with DNT1 and buy something with me,
>>
>> then the site just became a first party (unless somehow the user can
>> buy without knowingly interacting with the site…), and there are few
>> rules for you...
>>
>> John, can you back up a bit and remind me what the scenario is that
>> troubles you, and then I can try to be more helpful...
>>
>> I'm going to share identifiable information with FedEx so that they
>> can deliver your product...
>>
>> On Mon, Mar 18, 2013 at 3:44 PM, John Simpson
>> <john@consumerwatchdog.org> wrote:
>> Colleagues,
>>
>> I wanted to propose some privacy friendly text that would cover the
>> "data append" situation when DNT:1 is sent. I think others are
>> working on possible language, but I wanted to make my proposed
>> language available for consideration and discussion.
>>
>> Normative
>> When DNT:1 is received:
>>
>> -- A 1st Party MUST NOT share identifiable data with another party.
>> -- A 1st Party MUST NOT combine identifiable data from another party
>> with data it has collected while a 1st Party.
>>
>> Cheers,
>> John
>>
>> ---------
>> John M. Simpson
>> Privacy Project Director
>> Consumer Watchdog
>> 2701 Ocean Park Blvd., Suite 112
>> Santa Monica, CA, 90405
>> Tel: 310-392-7041
>> Cell: 310-292-1902
>> www.ConsumerWatchdog.org <http://www.consumerwatchdog.org/>
>> john@consumerwatchdog.org
>>
>> David Singer
>> Multimedia and Software Standards, Apple Inc.
>>
>

--
Dan Auerbach
Staff Technologist
Electronic Frontier Foundation
dan@eff.org
415 436 9333 x134

Received on Tuesday, 19 March 2013 22:46:59 UTC