Re: ISSUE-5: Consensus definition of "tracking" for the intro?

Hi Mike,

thanks for your feedback!

I have two questions:
- Could you live with the proposed text if we decided not to change it?
- If not, are there specific (hopefully small) text changes that we 
could make to allow you to live with this proposal?

Personal remark: While I agree with your points, it is important to note 
that we aim for a text that is "good enough" and  does not need to be 
I.e., an outcome that introduces tracking in a understandable way while 
covering 80% of what we mean would IMHO be good enough even if there are 
some corner cases that are not captured 100% accurately.

On 09/10/2013 22:11, Mike O'Neill wrote:
> I agree with David Singer that this is unclear. It seems to say retention of
> identifiers is OK within one domain origin but that would allow them by
> third-party frames and via redirection via other origin hosts. I know we
> don't mean that it could be read that way. To make it clear we would then
> have to further qualify the definition, maybe later when it is used for
> instance in the third-party compliance section. We would have to say data
> cannot be retained if referer(sic) headers, URL query parameters,
> postMessage events and whatever communicate cross-domain data i.e. that the
> identifier is somehow "attributable" to another domain/service.
> We could make this clear in the definition by adding some non-normative text
> like:
> Non-normative.
> It follows from this that data such as unique identifiers cannot be retained
> by a third-party if they can be associated with another host domain or
> service.
> Anyway, in my opinion the cross-domain qualification is already adequately
> made elsewhere and putting it here just complicates things, so we should
> remove "across multiple parties' domains or services and"  or use Option 3
> or 4.
> Mike
> -----Original Message-----
> From: Matthias Schunter (Intel Corporation) []
> Sent: 09 October 2013 18:36
> To: (
> Subject: ISSUE-5: Consensus definition of "tracking" for the intro?
> Hi Team,
> during our call, it seemed that the group was converging on a consensus for
> this definition of tracking (option 5 by Roy):
>           Tracking is the collection of data across multiple parties'
> domains or services and retention of that data in a
>           form that remains attributable to a specific user, user agent, or
> device.
> It is our "old" definition - corrected for grammar.
> Questions:
>    (a) Are there further required improvements that we need to introduce?
>    (b) Are there participants that cannot live with this style/type of
> definition (assuming we can provide the required final fine-tuning)?
> Regards,
> matthias

Received on Thursday, 10 October 2013 19:20:49 UTC