- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Fri, 3 May 2013 21:09:28 -0700
- To: Aleecia M. McDonald <aleecia@aleecia.com>
- Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
This is ISSUE-5 (definition of tracking). On Apr 17, 2013, at 10:54 AM, Aleecia M. McDonald wrote: > I am very close to being able to live with Justin's text, which is: > > "Tracking" is understood by this standard as the collection and retention of data across multiple parties' domains or services in a form such that it can be attributed to a specific user, user agent, or device. > > My objection is to how we definitionally claim that first parties do not track. As I have said repeatedly, I find that intellectually dishonest. Certainly it violates users' understanding of tracking as well. However, I readily and cheerfully acknowledge the group is at long-standing view that very, very little is asked of first parties. I would address that in scope rather than definition, which works neatly with the section title. I can't tell whether you consider collecting any personal data at a site to be "tracking", or simply that there are parties that own multiple sites and track across them. I can agree with the latter, but not the former. A first party site that keeps an access log of interactions to its own site should not be considered tracking the user. It would only be tracking if it shared or combined that log with other sites. The reason we focus on non-siloed third parties is because they do retain sufficient information to follow the user across multiple contexts. To be specific, we are trying to address the risk to privacy of following a user's activity across unrelated contexts. We are not enabling users to browse anonymously within a single context. If I have that wrong, please tell me why. This is important because it is much harder to agree that we have a solution to tracking if we think the user is asking for two different things. If we can't agree, then we should allow the user to ask for those two separate things directly (i.e., send DNT:A to mean let me browse anonymously) instead of assuming we each know what the user wants. ....Roy
Received on Saturday, 4 May 2013 04:09:52 UTC