Agenda for May 22 call

To the group:  Apologies that the agenda is circulating later than we planned.  Glitch in trading agenda material within the W3C family.

---------------------------
Administrative

---------------------------

1.  Confirmation of scribe – glad to accept volunteer in advance

2.  Offline-caller-identification:
If you intend to join the phone call, you must either associate your phone number with your IRC username once you've joined the call (command: "Zakim, [ID] is [name]" e.g., "Zakim, ??P19 is schunter" in my case), or let Nick know your phone number ahead of  time. If you are not comfortable with the Zakim IRC syntax for associating your phone number, please email your name and phone number to npdoty@w3.org<mailto:npdoty@w3.org>. We want to reduce (in fact, eliminate) the time spent on the call identifying phone numbers. Note that if your number is not identified and you do not respond to off-the-phone reminders via IRC, you will be dropped from the call.

---------------------------
TPE Spec: Matthias Schunter
---------------------------

3.  ISSUE-194 -- How should we ensure consent of users for DNT inputs?

open  http://www.w3.org/2011/tracking-protection/track/issues/194
Goal: - Separate signals/preferences from noise
Proposed resolution: Define 4 header values:
1

This UA is legacy or in testing mode and expresses user prefers not to be tracked on the target site.

0

This UA is legacy or in testing mode and expresses that a user prefers to allow tracking on the target site.

true

This user prefers not to be tracked on the target site and the UA confirms that this preference was collected while following the guidance in the DNT standards..

false

This user prefers to allow tracking on the target site and the UA confirms that this preference was collected while following the guidance in the DNT standards..

The idea is similar to the "!" signal for sites: Sites are required to adhere to the true/false preference and MAY adhere to 0/1 signals if they like. I would like to solicit feedback on this proposal that we discussed during our F2F.

4.  ISSUE-137 -- Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s) -- pending review http://www.w3.org/2011/tracking-protection/track/issues/137<http://www.w3.org/2011/tracking-protection/track/issues/137>
Progress on David's action?


---------------------------
Compliance Spec: Peter Swire
---------------------------

4.  Updates on Sunnyvale action items: audience measurement; data retention; red/yellow/green; browsers and user education/interface. Administrative clean-up of issues and tasks lists.

5.  Issue merger/clean-up.  The below list is from Yianni Lagos, trying to give a clearer format to the list circulated last week:

(1) Proposed Raised to Open Issues


 *   ISSUE-5 What is the definition of tracking?
 *   ISSUE-25 Audience Measurement
 *   ISSUE-170 Definition of and what/whether limitations around data append
 *   ISSUE 172 How should user agents be required to provide information about DNT? (short name user-education)

(2) Proposed new Open Issue

 *   Limitations on the use of unique identifiers

(3) Proposed Merged Issues

 *   ISSUE-5 Definition of tracking
    *   ISSUE-89 Does DNT mean at a high level: (a) no customization, users are seen for the first time, every time. (b) DNT is about data moving between sites.
    *   ISSUE-94 Is "Do Not Track" the right name to use?
 *   ISSUE-134 Would we additionally permit logs that are retained for a short enough period?
    *   ISSUE-142 How should protocol data be allowed to be used in the first N weeks?
 *   ISSUE-170 Data append
    *   ISSUE-154 Are First parties allowed to use data (either offline or online ) from third parties
    *   ISSUE-54 can first parties use declared data while in a 3rd party context?
    *   ISSUE-179 Make sure in the spec that we clarify information provided explicitly by a user (e.g. data typed into a form on a site with a clear privacy policy) is not subject to DNT.
 *   ISSUE-188 Definition of unlinkable data<http://www.w3.org/2011/tracking-protection/track/issues/188> (change to de-identified data)
    *   ISSUE-191 Non-normative Discussion of De-identification
 *   ISSUE-194 How should we ensure consent of users for DNT inputs?<http://www.w3.org/2011/tracking-protection/track/issues/194> (change short name user-consent)
    *   ISSUE-132 Should the spec speak to intermediaries or hosting providers to modify any responses/statements about DNT compliance?<http://www.w3.org/2011/tracking-protection/track/issues/132>
    *   ISSUE-149 Compliance section for user agents
    *   ISSUE-150 DNT conflicts from multiple user agents
    *   ISSUE-151 User Agent Requirement: Be able to handle an exception request
    *   ISSUE-163 How in the spec should we ensure user agents don't twist a user preference one way or another?
    *   ISSUE-177 Should we specify compliance requirements for software and hardware other than user agents? For example, is a web server package compliant if it tweaks DNT headers?

(4) Proposed Pending Review Stable

 *   ISSUE-10 What is a first party?
 *   ISSUE-16 What does it mean to collect data? (caching, logging, storage, retention, accumulation, profile etc.)
 *   ISSUE-22 Still have "operational use" of data (auditing of where ads are shown, impression tracking, etc.)
 *   ISSUE-24 Possible exemption for fraud detection and defense
 *   ISSUE-32 Sharing of data between entities via cookie syncing / identity brokering
 *   ISSUE-45 Companies making public commitments with a "regulatory hook" for US legal purposes
 *   ISSUE-49 Third party as first party - is a third party that collects data on behalf of the first party treated the same way as the first party?
 *   ISSUE-73 In order for analytics or other contracting to count as first-party: by contract, by technical silo, both silo and contract
 *   ISSUE-97 Re-direction, shortened URLs, click analytics -- what kind of tracking is this?
 *   ISSUE-99 How does DNT work with identity providers?
 *   ISSUE-119 Specify "absolutely not tracking"
 *   ISSUE-133 What effect does legal liability or consistent data practices between affiliates have on the definition of breadth of a party?
 *   ISSUE-148 What does DNT:0 mean?
 *   ISSUE-175 Have an appendix of best practices?
 *   ISSUE-178 Add "Marketing" to list of permitted uses in Compliance document
 *   ISSUE-180 Add "advertising" as a Permitted Use in the Compliance Document
 *   ISSUE-181 Finalize language regarding multiple first parties
 *   ISSUE-184 3rd party dependencies in 1st party content
 *   ISSUE-196 What compliance requirements apply when a signal has been disregarded?

(5) Proposed Closed

 *   ISSUE-60 Will a recipient know if it itself is a 1st or 3rd party?
 *   ISSUE-102 Short names & titles of specifications
 *   ISSUE-157 Charter is running out and we need to agree on whether to extend or recharter and what a revised charter would look like

(6) Proposed Narrowed Issue

 *   ISSUE-31 Minimization -- to what extent will minimization be required for use of a particular exemption? (conditional exemptions)
    *   Rename to narrow issue: whether to have firm retention limits that can only be exceeded with public disclosure of need?



---------------------------

6.  Announce next meeting & adjourn


================ Infrastructure =================

Zakim teleconference bridge:
VoIP:    sip:zakim@voip.w3.org<file:///sip/zakim@voip.w3.org>
Phone +1.617.761.6200 passcode TRACK (87225)
IRC Chat: irc.w3.org<http://irc.w3.org/>, port 6665, #dnt

*****


Prof. Peter P. Swire
C. William O'Neill Professor of Law
Ohio State University
240.994.4142
www.peterswire.net

Beginning August 2013:
Nancy J. and Lawrence P. Huang Professor
Law and Ethics Program
Scheller College of Business
Georgia Institute of Technology

Received on Tuesday, 21 May 2013 19:49:43 UTC