Re: link shorteners etc.

They are third parties.


Jeffrey Chester
Center for Digital Democracy
1621 Connecticut Ave, NW, Suite 550
Washington, DC 20009
www.democraticmedia.org
www.digitalads.org
202-986-2220

On Jun 26, 2014, at 11:52 AM, Mike O'Neill <michael.oneill@baycloud.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi Shane,
> 
> I bet the vast majority of users do not look in the url to work out where the site is, they read the anchor text (or tweet whatever) explaining the destination. Nobody is going to work out where the shortener's policy page is to check and most are not even aware of the threat ( & I know of at least one privacy oriented shortener that does not track).
> 
> I was the one guilty of the +1,  I did not realise that was yellow card behaviour.
> 
> mike
> 
>> -----Original Message-----
>> From: Shane M Wiley [mailto:wileys@yahoo-inc.com]
>> Sent: 26 June 2014 15:42
>> To: David Singer; Walter van Holst
>> Cc: public-tracking@w3.org
>> Subject: RE: link shorteners etc.
>> 
>> 1st party status is not about "destinations" - although this is a novel and
>> interesting idea.  1st party status is about the user understanding the party they
>> are engaged with and having an obvious choice of not engaging with them by
>> not visiting their site.  Any URL that is visible to the user prior to clicking meets
>> this same bar - users are not required to click on a link shortener if they'd rather
>> not.  They can also visit the link shortener's address directly and read their
>> privacy policy prior to click on the link as well if they so choose.  Their
>> participation is not invisible.  The Mozilla Collusion extension does not display
>> link shorteners as a user's activity is not being tracked outside the context of
>> their active click on a link.
>> 
>> - Shane
>> 
>> -----Original Message-----
>> From: David Singer [mailto:singer@apple.com]
>> Sent: Thursday, June 26, 2014 7:25 AM
>> To: Walter van Holst
>> Cc: public-tracking@w3.org
>> Subject: Re: link shorteners etc.
>> 
>> Thank you for the analysis, I agree with your analysis of link shorteners.  (And I
>> think the conversation has otherwise got off track; we don't need to debate the
>> precise details of the 1st party rules nor why we got to where we are, to resolve
>> link shorteners.)
>> 
>> Perhaps we can work towards text on link shorteners now?
>> 
>> "For the avoidance of doubt, link shorteners are not destinations, and not
>> destinations that a user intends to visit, and hence are third parties as defined in
>> this recommendation." ?
>> 
>> 
>> On Jun 25, 2014, at 12:15 , Walter van Holst <walter.van.holst@xs4all.nl>
>> wrote:
>> 
>>> On 2014-06-25 20:24, David Singer wrote:
>>> 
>>> 
>>>>> That's why I introduced a qualifier of non-obviousness. And yes, it is
>> frustrating that it is unlikely to have a more concrete and tangible test than this
>> staple of law, the man in the Clapham omnibus, or whatever the equivalent is in
>> your local lawyer's vernacular. (Next time I'm in London I must make a
>> pilgrimage to Clapham by bus)
>>>> it's tricky in these click-baiting cases, isn't it?  what DID the user 'intend'?
>>> 
>>> Intent is always a slipper subject and fodder for behavioural psychologists. On
>> this particular topic however, we shouldn't get too academic. The only
>> justification we have for first parties being exempt from DNT is that first parties
>> tend to be a surfing destination, a context so to speak, on their own. >From that
>> perspective it would be strange to forbid tracking of user behaviour within that
>> context while the problem we want to address is tracking across contexts. A URL
>> shortener is no such destination and in practice tries to stay out of the way as
>> much as possible without any formal relationship with the user (unlike identity
>> providers) or the destination server (unlike content delivery networks). And it
>> doesn't take a great leap of faith to assume that the average user will not intent
>> to visit bit.ly in any way resembling the intent he or she has to visit
>> facebook.com
>>> 
>>> And to give an example of where I think intent becomes sufficiently blurred to
>> consider a destination a first party: www.apple.com being the default
>> homepage for Safari users. Even though a substantial number of visits to
>> apple.com is unintentional, it is sufficiently clear that it is Apple and the user can
>> change the default easily.
>>> 
>>> Regards,
>>> 
>>> Walter
>>> 
>> 
>> David Singer
>> Manager, Software Standards, Apple Inc.
>> 
>> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (MingW32)
> Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
> Charset: utf-8
> 
> iQEcBAEBAgAGBQJTrEHMAAoJEHMxUy4uXm2JmqEH/0pwYef8g+hprQwE/Z1LfW+P
> dcr1PQxxlW0USZyj7/PuRTAD1j6Bgnnq2KVKz/hEkCfmsbU5AjefjG662x3WIyKM
> pzzlQz43lii2zoJvEhseDXe8r0rpzTfExLXxo1hk3KrLObY4MdeDpKDdMa3wMpeA
> 9ChKDACy4ZQ3Dnf8AQtZVZuo+4aX3fB928rVPMDPCfaxPmfp4g/ajWC7kQIBA4jT
> T27olKkC1HFgs1JiydbSPfO9FHG5BzOA9QAZYrM0OdDIwE08NI5QCl/SiMQgaHUe
> EBiKgSydi8wfuPDJa1f+WzmQgw5yJt6zzWfTAYIwx78HKrh0DO9JRbNtUe2VG48=
> =Iocw
> -----END PGP SIGNATURE-----
> 
> 
> 

Received on Thursday, 26 June 2014 20:19:34 UTC