- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Mon, 23 Sep 2013 10:09:38 +0200
- To: public-tracking@w3.org
Hi Roy et. al., thanks a lot for starting a discussion on potential change proposals for the party definition. I assume this is meant as input to ISSUE-10: Once we agree what a party is, defining a "first party" should be easier. Could you ensure that the "final" set of change proposals are sent to Nick/Wendy to be included into the Wiki? Thanks a lot, matthias On 23/09/2013 04:40, Roy T. Fielding wrote: > On Sep 21, 2013, at 6:09 AM, Walter van Holst wrote: >> On 21/09/2013 01:20, Roy T. Fielding wrote: >> >>>> 2.4 Party >>>> >>>> A party is any commercial, nonprofit, or governmental organization, a >>>> subsidiary or unit of such an organization, or a person. For unique >>>> corporate entities to qualify as a common party with respect to this >>>> document, those entities MUST be commonly owned and commonly controlled >>>> and MUST provide easy discoverability of affiliate organizations. A list >>>> of affiliates MUST be available through a single user interaction from >>>> each page, for example, by following a single link, or through a single >>>> click. >>> Replace with: >>> >>> A party is either a person or a set of legal entities that share a >>> common owner, controller, and public identity that is easily >>> discoverable by a user. >> Dear Roy, >> >> Your definition is a substantial improvement over the current text, so >> I'd prefer it regardless of whether the WG would accept the following >> tweaks: >> >> A party is either a natural person, a legal entity or a set of legal >> entities that share (a) common owner(s), controller(s) or public >> identity that is easily discoverable by a user or which a user can be >> reasonably expected to be aware of. In the case of a set of legal >> entities the discoverability of their affiliation MUST be provided >> through a single user interaction from each page, for example by >> following a single link or through a single click. >> >> The reason I'd like to retain the provisioning of affiliation of the >> original text is that it provides for an objective criterium whether the >> discoverability principle is upheld or not. Which is helpful for the >> transparency that this standard should contribute to. > Hi Walter, > > Thanks for the input. I understand your desire to add objective > criteria for discoverability, but there are three problems here: > > First, we aren't talking about pages, so requiring something be > added to every page can only be responded to with "What page?". > A first party isn't required to have pages. > > Second, I don't think it is appropriate for this standard to > require the addition of content to every page on the Internet. > I won't accept that as a requirement. Requiring that information > be present in the privacy policy is sufficient, IMO, since that > is where data collectors will address relevant privacy concerns. > > Third, this section is only attempting to define what is a > first party. There is an entire section, later in the document, > for requirements on first party conformance. If we are to make > such a requirement, it belongs there. In other words, a site > is a first party whether or not it has such links, so what your > text is really saying is that the first party must have those > links in order to share the data across more than one site. > Hence, it is a conformance requirement on sharing, not part > of the definition of a first party. > > In terms of phrasing, "a set of legal entities that share (a) > common owner(s), controller(s) or public identity" seems to make > that an OR choice (any one of), whereas I am pretty sure the other > WG members want it to be common ownership AND control AND a > discoverable. Likewise, "or which a user can be reasonably > expected to be aware of" seems redundant and impossible to test. > > The following is also fine with me: > > A party is a natural person, a legal entity, or a set of legal > entities that share common owner(s), common controller(s), and > a group identity that is easily discoverable by a user. > > > Cheers, > > Roy T. Fielding <http://roy.gbiv.com/> > Senior Principal Scientist, Adobe <https://www.adobe.com/> > >
Received on Monday, 23 September 2013 08:10:02 UTC