W3C home > Mailing lists > Public > public-tracking@w3.org > October 2013

Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current]

From: Justin Brookman <jbrookman@cdt.org>
Date: Wed, 2 Oct 2013 10:23:14 -0400
Message-Id: <B67EED5D-DF44-435D-A67B-B04EC5C94991@cdt.org>
To: Tracking Protection Working Group <public-tracking@w3.org>
Thanks, Walter.

Nick, this is similar to text previously proposed by Alan Chapell (and possibly John Simpson as well?), so Alan's language which is currently here in the wiki: http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_First_Party_Compliance should probably be moved to a new page that includes Walter's issue/text.

I think the issues of "first party compliance as a first party" and "first party compliance subsequently as a third party" are sufficiently distinct that we should treat them separately.

On Oct 2, 2013, at 9:59 AM, "Tracking Protection Working Group Issue Tracker" <sysbot+tracker@w3.org> wrote:

> tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current]
> 
> http://www.w3.org/2011/tracking-protection/track/issues/219
> 
> Raised by: Walter van Holst
> On product: Compliance Current
> 
> The current standard allows for a) 1st parties that sometimes also are 3rd parties to b) use data gathered in that 1st party quality when in a 3rd party quality. This runs counter to reasonable user expectations and against the very core issue: the tracking across different contexts. Therefore:
> 
> "the third party MUST NOT use data about previous network interactions in which it was a third party, outside of the permitted uses as defined within this recommendation and any explicitly-granted exceptions, provided in accordance with the requirements of this recommendation."
> 
> Should replaced with:
> 
> "the third party MUST NOT use data bout previous network interactions in which it was a party, outside of the meritted uses as defined within this recommendation and any explicitly-granted exceptions, provided in accordance with the requirements of this recommendation."
> 
> 
> 
Received on Wednesday, 2 October 2013 14:23:48 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:19 UTC