Re: ISSUE-10 proposed text for discussion from Chris Mejia on 2013-10-30 (public-tracking@w3.org from October 2013)

From: Chris Mejia <chris.mejia@iab.net>
Date: Wed, 30 Oct 2013 15:24:30 +0000
To: Mike O'Neill <michael.oneill@baycloud.com>, "'Matthias Schunter (Intel Corporation)'" <mts-std@schunter.org>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CE96728C.3BEF5%chris.mejia@iab.net>
Btw- service provider is a broad term. Any of the parties may have service providers that work on their behalf.  Perhaps we need to be specific: "service provider, for the first party" or "service provider, for the third party" or even "service provider, for the user"?


Chris Mejia | Digital Supply Chain Solutions | Ad Technology Group | Interactive Advertising Bureau – IAB


From: Mike O'Neill <michael.oneill@baycloud.com<mailto:michael.oneill@baycloud.com>>
Date: Wednesday, October 30, 2013 6:23 AM
To: Matthias Schunter - WC3 WG Co-Chair <mts-std@schunter.org<mailto:mts-std@schunter.org>>, W3C DNT Working Group Mailing List <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Subject: RE: ISSUE-10 proposed text for discussion
Resent-From: W3C DNT Working Group Mailing List <public-tracking@w3.org<mailto:public-tracking@w3.org>>
Resent-Date: Wednesday, October 30, 2013 6:24 AM

Hi Matthias,

Other than a service provider acting on behalf of the user (third-party definition) is a new one. I thought the definition of a service provider meant they were acting in the shoes of the first-party i.e. a data processor only acting on behalf of, and under contract with, a data controller. Acting on behalf of the user seems too broad, what use-case would it refer too?

Mike

From: Matthias Schunter (Intel Corporation) [mailto:mts-std@schunter.org]
Sent: 30 October 2013 13:02
To: public-tracking@w3.org<mailto:public-tracking@w3.org> (public-tracking@w3.org<mailto:public-tracking@w3.org>)
Subject: ISSUE-10 proposed text for discussion

Hi Team,

I tried to edit the proposed inputs that built on each other and were largely complementary into a cohesive overall text.
I have taken the base text, added options (2), (4),  and (5). ((4) should also satisfy (7)

My goal for the call is to further change this text into a consensus proposal. If this is not possible, we should aim for a complete alternative text to go into the CfO.


Regards,
matthias
Party<http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#party>

(from (3):) A party is a natural person, a legal entity, or a set of legal entities that share common owner(s), common controller(s), and a group identity that is easily discoverable by a user.  (from (2):) Parties MUST provide transparency about what affiliates are considered part of the same party. Examples of ways to provide this transparency are through common branding or by providing a list of affiliates that is available via a link from a resource where a party describes DNT practices.

First Party<http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#first-party>

(from (4)): Within the context of a given user action, a first party is a party with which the user intends to interact, via one or more network interactions, as a result of making that action. Merely hovering over, muting, pausing, or closing a given piece of content does not constitute a user's intent to interact with another party.

(from (0):) In most network interactions, there will be only one first party with which the user intends to interact. (from (4):) In some cases, a resource on the Web will be jointly controlled by two or more distinct parties. Each of those parties is considered a first party if a user would reasonably expect to communicate with all of them when accessing that resource. For example, prominent co-branding on the resource might lead a user to expect that multiple parties are responsible for the content or functionality.

(from (0)): NOTE: The party that owns and operates or has control over a branded or labeled embedded widget, search box, or similar service with which a user intentionally interacts is also considered a first party. If a user merely mouses over, closes, or mutes such content, that is not sufficient interaction to render the party a first party.

Third Party<http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#third-party>

(from (5):) For any data collected as a result of one or more network interactions resulting from a user's action, a third party is any party other than that user, a first party for that user action, or a service provider acting on behalf of either that user or that first party.
Received on Wednesday, 30 October 2013 15:26:00 UTC