W3C home > Mailing lists > Public > public-tracking@w3.org > October 2013

Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current]

From: Walter van Holst <walter.van.holst@xs4all.nl>
Date: Fri, 04 Oct 2013 09:07:09 +0200
Message-ID: <524E691D.5000103@xs4all.nl>
To: public-tracking@w3.org
On 04/10/2013 08:41, Matthias Schunter (Intel Corporation) wrote:
> Hi!
> 
> 
> as indicated in my separate mail, we should differentiate between
> 1 - privacy-preserving personalisation by 3rd parties (i.e., data re-use
> across sessions within a 3rd party context)
> 2 - information transfer from 1st to 3rd party context
> 3 - information transfer from 3rd to 1st party context
> 
> My subjective interpretation is that Walter et. al. discuss (2) and
> maybe (3) while David seems to raise a point on (1).

Matthias,

You are correct that these are separate issues. As long as DNT:1 is
honored and no data collection takes place other than for permitted
uses, I have no issue with data re-use across sessions within a 3rd
party context.

For scenarios 2 and 3 there would ideally be no information transfer at
all (outside the permitted uses), although there may be corner cases
which would warrant that to happen. For example site-wide exceptions
granted through the UGE.

Maybe it is worth keeping in mind that if we consider the 1st party
context clear enough to justify 1st parties exempt from this standard,
it therefore becomes logical to keep that context by default separated
from 3rd party contexts.

Not to mention that data transferred between those contexts raises
serious competition issues in the case of an already dominant 1st party
who would get a leg up in other markets in its 3rd party quality. As
such it surprises me that David, who raised that issue in Amsterdam,
doesn't embrace this idea.

Regards,

 Walter
Received on Friday, 4 October 2013 07:07:38 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:19 UTC