Re: DNT:1 and "data append" from Alan Chapell on 2013-03-27 (public-tracking@w3.org from March 2013)

From: Alan Chapell <achapell@chapellassociates.com>
Date: Wed, 27 Mar 2013 11:23:49 -0400
To: Jeffrey Chester <jeff@democraticmedia.org>
CC: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-ID: <CD78855D.2DE8F%achapell@chapellassociates.com>
Thanks Jeff. GEO location lookup is certainly one real-time use of
information for ad targeting. I would suggest that this use should not be
prohibited by DNT. The trouble from my perspective: assuming we all agreed
that GEO location is not prohibited under DNT, I'm not sure how we guard
against additional data being pulled in at the same time as the GEO lookup.

Others on the list may be more aware than I of specific techniques in
existence today. Regardless of current practices, by creating a online /
offline loophole for DNT, we're simply encouraging the development of
techniques designed to fit within the loophole.

From:  Jeffrey Chester <jeff@democraticmedia.org>
Date:  Wednesday, March 27, 2013 10:58 AM
To:  Alan Chapell <achapell@chapellassociates.com>
Cc:  "public-tracking@w3.org (public-tracking@w3.org)"
<public-tracking@w3.org>
Subject:  Re: DNT:1 and "data append"
Resent-From:  <public-tracking@w3.org>
Resent-Date:  Wed, 27 Mar 2013 14:59:30 +0000

> Thanks for the clarification and I apologize.  We agree (oy vey, another
> problem for Randy R!).  Can you give example of off line data collected in
> real-time? Do you mean, for example, geo-location, payment and other info
> collected via sentient services that can be bundled into the profile?
> 
> I appreciate this discussion.
> 
> 
> 
> 
> Jeffrey Chester
> Center for Digital Democracy
> 1621 Connecticut Ave, NW, Suite 550
> Washington, DC 20009
> www.democraticmedia.org <http://www.democraticmedia.org>
> www.digitalads.org <http://www.digitalads.org>
> 202-986-2220
> 
> On Mar 27, 2013, at 10:47 AM, Alan Chapell wrote:
> 
>> Jeff:
>> 
>> I'm a bit surprised that I seem to be taking a more stringent position than
>> you in this area, but it may be an issue of misunderstanding on my part.
>> Allow me to rephrase:
>> 
>> Data collected from online sources and used for online ad targeting is
>> subject to DNT.
>> Data collected from offline sources and used for online ad targeting is NOT
>> subject to DNT. (a separate product)
>> 
>> Is that your position?
>> 
>> Does your position change if the offline data is obtained in a real time
>> environment?
>> 
>> From:  Jeffrey Chester <jeff@democraticmedia.org>
>> Date:  Wednesday, March 27, 2013 10:34 AM
>> To:  Alan Chapell <achapell@chapellassociates.com>
>> Cc:  Nicholas Doty <npdoty@w3.org>, "public-tracking@w3.org
>> (public-tracking@w3.org)" <public-tracking@w3.org>
>> Subject:  Re: DNT:1 and "data append"
>> Resent-From:  <public-tracking@w3.org>
>> Resent-Date:  Wed, 27 Mar 2013 14:35:11 +0000
>> 
>>> Alan:
>>> 
>>> Users should expect that their online data used for append products will not
>>> be incorporated into the targeting profile.  Databrokers may be able to
>>> provide offline and public data as a separate product.  But under DNT: 1,
>>> online tracking data should not be gathered or used.  DNT should foster
>>> better privacy practices in the real-time targeting data environment.
>>> 
>>> 
>>> Jeffrey Chester
>>> Center for Digital Democracy
>>> 1621 Connecticut Ave, NW, Suite 550
>>> Washington, DC 20009
>>> www.democraticmedia.org <http://www.democraticmedia.org/>
>>> www.digitalads.org <http://www.digitalads.org/>
>>> 202-986-2220
>>> 
>>> On Mar 27, 2013, at 10:20 AM, Alan Chapell wrote:
>>> 
>>>> Yes, the DNT HTTP header is an expression about an online transaction.
>>>> When DNT is enacted, an online transaction can't be tailored by a profile.
>>>> Whether that profile was derived from 1) a URL string across multiple
>>>> website visits or 2) an offline database should not matter. A User seeking
>>>> not to be tracked while online is unlikely to be able to make such
>>>> distinctions - and neither should we.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> On 3/27/13 1:26 AM, "Nicholas Doty" <npdoty@w3.org> wrote:
>>>> 
>>>>> On Mar 25, 2013, at 12:34 PM, Alan Chapell
>>>>> <achapell@chapellassociates.com> wrote:
>>>>> 
>>>>>> Thanks David. Perhaps this will help clarify where some of the confusion
>>>>>> lay. In any event, I look forward to discussing further on Wednesday.
>>>>>> 
>>>>>> On 3/21/13 3:16 PM, "David Singer" <singer@apple.com> wrote:
>>>>>> 
>>>>>>> I remain somewhat puzzled by this discussion.  Let's see if I can
>>>>>>> explain
>>>>>>> my puzzlement, and maybe the answers will help shed light.
>>>>>>> 
>>>>>>> DNT is an expression about privacy in an online transaction (between a
>>>>>>> user and their user-agent, and a server, over HTTP or similar
>>>>>>> protocols).
>>>>>> 
>>>>>> I recognize that this is the position of some in the group.
>>>>> 
>>>>> Is there disagreement on this part of David's summary? The DNT HTTP
>>>>> header is quite directly an expression about a particular online
>>>>> transaction. The group agreed very early on to make the expression apply
>>>>> to that particular request (which an HTTP header is well-suited for) and
>>>>> not to imply, for example, retroactive deletion.
>>>>> 
>>>>>> It's worth
>>>>>> noting that this is not how DNT is described in the charter. The charter
>>>>>> describes DNT as a "preference expression mechanism ("Do Not Track") and
>>>>>> technologies for selectively allowing or blocking tracking elements."
>>>>>> 
>>>>>> I note that we have chosen not to define tracking or "tracking elements"
>>>>>> in this working group, which may be a reason for some of the confusion.
>>>>> 
>>>>> To provide some context, the text in the charter "selectively allowing or
>>>>> blocking tracking elements" referred to formats for determining white and
>>>>> black listing for blocking purposes; we did some early work on the
>>>>> Tracking Selection Lists specification, working from a submission from
>>>>> Microsoft. The group has subsequently decided to stop work on those
>>>>> deliverables, with the preference for not working on formats that would
>>>>> enable blocking.
>>>>> 
>>>>> While "Do Not Track" in the press or in the terms of some companies has
>>>>> been used to refer to almost any privacy or blocking measure, we have
>>>>> used it here (and the charter follows this convention) to refer to the
>>>>> preference expression mechanism -- where you express the preference "Do
>>>>> Not Track" -- and not to blocking mechanisms, even though lists for
>>>>> selectively blocking HTTP requests were also in scope of the Tracking
>>>>> Protection Working Group.
>>>>> 
>>>>> Hope this provides some clarity,
>>>>> Nick
>>>>> 
>>>> 
>>>> 
>>>> 
>>> 
>
Received on Wednesday, 27 March 2013 15:24:26 UTC