- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Mon, 27 May 2013 12:59:26 +0000
- To: Rigo Wenning <rigo@w3.org>, Shane <shane.wiley@yahoo.com>
- CC: "public-tracking@w3.org" <public-tracking@w3.org>
Rigo, Thank you for putting this together - it dropped off my radar in the blur of open issues and action items rapidly coming our way. I believe your text is close and covers many of the open issues we've been trying to resolve. One disagreement and one open issue: - Disagreement: I believe if a Site has received a Site-Wide Exception, this should flow through the auction model as well - FOR THAT TRANSACTION ONLY. For 3rd party direct exceptions (for example, the ad exchange receives an exception), this is not the case and I fully support your text in that case. - Open Issue: How does a 3rd party that may have received a UGE (DNT:0) from a user in a separate interaction, call upon that UGE in an exchange transaction where they're not able to speak to the UA directly. For example, Ad Server MNOP receives a web-wide UGE. An ad placement auction occurs on a site that does not receive a UGE (DNT:1) and this is passed into the auction so bidders are aware. When Ad Server MNOP bids on an ad placement on an Exchange, they are able to map to their own cookies and see that this user has granted them a UGE (DNT:0). Is Ad Server MNOP able to override the auction signal of DNT:1 if they have a record they've received a UGE from the user just prior to that transaction (DNT:0)? We believe this should be the case. Language slightly updated to cover these two items: --- A site may request an exception for one or more third party services used in conjunction with its own offer. Those third party services may wish to use other third parties to complete the request in a chain of interactions. The first party will not necessarily know in advance whether a known third party will use some other third parties. If a user-agent sends a tracking exception to a given combination of origin server and a named third party (or the named third party independently), the user agent will send DNT:0 to that named third party. By receiving the DNT:0 header, the named third party acquires the permission to track the user agent and collect the data and process it in any way allowed by the legal system it is operating in. Furthermore, the named third party receiving the DNT:0 header acquires at least the right to collect data and process it for the given interaction and any secondary use unless it receives a DNT:1 header from that particular identified user agent. The named third party is also allowed to transmit the collected data for uses related to _this_ interaction to its own sub-services and sub-sub-services (transitive permission). The tracking permission request triggered by the origin server is thus granted to the named third party and its sub- services. This is even true for sub-services that would normally receive a DNT:1 web-wide preference from the user-agent if the user agent would interact with this service directly. For advertisement networks this typically would mean that the collection and auction system chain can use the data for that interaction and combine it with existing profiles and data. The sub-services to the named third party also acquire an independent right to process the data for independent secondary uses for that specific transaction if there is a site-wide exception. For 3rd party direct exceptions, this is not the case unless they have, themselves, requested and obtained a DNT:0 header from the user agent. In our example of advertisement networks that means the sub-services can use existing profiles in combination with the data received, but they cannot store the received information into a profile until they have received a DNT:0 by their own or the exception in this case is Site-Wide. A named third party acquiring an exception with this mechanism MUST make sure that sub-services it uses acknowledge this constraint by requiring a "tl" header (5.2.3) from its sub-sub-services. -----Original Message----- From: Rigo Wenning [mailto:rigo@w3.org] Sent: Monday, May 27, 2013 1:25 AM To: Shane Cc: public-tracking@w3.org Subject: ACTION-203 : Text for transitive model Shane, I never got an answer on my proposed text: http://lists.w3.org/Archives/Public/public-tracking/2012May/0292.html What shall we do. Abandon/close? I still think this is useful to keep the auction model running. At least, this was the goal of the text. --Rigo
Received on Monday, 27 May 2013 13:00:25 UTC