W3C home > Mailing lists > Public > public-tracking@w3.org > February 2014

Re: tracking-ISSUE-240 (Context): Do we need to define context? [Tracking Preference Expression (DNT)]

From: Roy T. Fielding <fielding@gbiv.com>
Date: Wed, 5 Feb 2014 00:44:26 -0800
Cc: Ninja Marnau <ninja@w3.org>
Message-Id: <34F35F39-B788-4AEF-9364-87F8985258E6@gbiv.com>
To: Tracking Protection Working Group <public-tracking@w3.org>
I have changed my proposal as well, based on feedback regarding
problems with requiring a single privacy policy.  [In essence,
privacy policies often differ by region and are associated with
data when it is collected, whereas a site might consist of many
regional websites that combine data with permission from other
regional sources (e.g., Twitter), combine older resources with
new resources that have an updated policy, or combine multiple
resources under the most restrictive union of those policies.
A user of such sites would still consider them a single context,
so we are better off not tying user expectations to the presence
of a single policy.]

Proposal 1 - Common controller and group identity

A context is a set of resources with a common data controller
and a group identity that is easily discoverable by a user.
A context represents a typical user's expectations regarding
the boundaries of a commonly branded Web site (i.e., what makes
it distinct from sites with a different group identity) independent
of the technology, domain names, or parties operating that site
via one or more origin servers.



Roy T. Fielding                     <http://roy.gbiv.com/>
Senior Principal Scientist, Adobe   <https://www.adobe.com/>
Received on Wednesday, 5 February 2014 08:44:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:40:07 UTC