Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current]

If it will work for all the needed purposes, then that's great. But it's 
still aspirational, as it would have to be proven and then would take 
years and (hundreds of?) millions of dollars to transition. We can't 
release a standard based on this speculation. Therefore, the standard 
needs to allow today the use of unique IDs.

-David

On 2013-10-04 9:21 AM, Mike O'Neill wrote:
> David,
>
> They are not "required", the spec says they are allowed if there is no
> reasonable alternative. I already posted a way to do unique visitor
> detection without unique ids.
>
> Mike
>
>
> -----Original Message-----
> From: David Wainberg [mailto:dwainberg@appnexus.com]
> Sent: 04 October 2013 13:54
> To: Mike O'Neill
> Cc: 'Rob Sherman'; 'Walter van Holst'; public-tracking@w3.org
> Subject: Re: tracking-ISSUE-219 (Context separation): 3rd parties that are
> 1st parties must not use data across these contexts [Compliance Current]
>
> Mike,
>
> On 2013-10-03 11:11 AM, Mike O'Neill wrote:
>> Rob,
>>
>> The problem is not customisation per se but relying on the use of
>> persistent unique ids to do it. If you do not track you do not need
>> unique ids - you can still customise with low entropy cookies i.e. ("I
>> prefer green like buttons", "My preferred language is German"). Using
>> unique ids also lets you collect web activity. If someone has DNT set
>> and you do not have a permitted use you do not need to store or use (or
> derive) unique ids.
> I'm glad you agree that customization itself is not the issue.
>
> I don't think it's feasible to not have unique IDs, especially since they
> are required for the permitted uses.
>
> Best,
>
> David
>
>
>

Received on Friday, 4 October 2013 13:47:19 UTC