RE: Audience Measurement Permitted Use (ISSUE-25)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kathy,

If the data is aggregated  enough to be de-identified) there is no need to worry about DNT.

I think if people find their setting DNT:1 gets ignored (and they see UIDs being dropped) they will increasingly resort to script and cookie blockers, with no chance to engage with them and explain your intentions/good faith.

In my opinion it would be better for Audience Measurement to use DNT as a generally available and easy to use right-to-object, and use DNT:0 or an OOBC opt-in cookie as a clear indication of counteracting consent.

Mike


From: Kathy Joe [mailto:kathy@esomar.org]
Sent: 17 September 2014 16:59
To: Mike O'Neill
Cc: rob@blaeu.com; Justin Brookman; Public-tracking Working Group
Subject: Re: Audience Measurement Permitted Use (ISSUE-25)

Hi Mike
As you will have understood from our lengthy explanation of audience measurement, the online ecosphere, including public bodies and government broadcasters, depends on independent audience measurement.
As we have therefore requested that audience measurement be a permitted use with a distinct purpose, we want to provide information to those users who are concerned, that the data is used as aggregated measurement statistics and will not have a detrimental impact on a user, so they can make an educated choice about opting out.
Kathy Joe
ESOMAR, the World Association for Social, Opinion and Market Research, is the essential organisation for encouraging, advancing and elevating market research worldwide.

On 17 Sep 2014, at 16:44, Mike O'Neill <michael.oneill@baycloud.com> wrote:

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Kathy,

Wire not just use DNT:1? Why invent another signal when an adequate alternative exists (which we have all been working on)? It is more likely to get the seal of approval in EU also.

Mike

From: Kathy Joe [mailto:kathy@esomar.org]
Sent: 17 September 2014 15:38
To: rob@blaeu.com
Cc: Justin Brookman; Public-tracking Working Group
Subject: Re: Audience Measurement Permitted Use (ISSUE-25)

Dear Rob,

A beta test version of the opt-out system that we proposed last year is being developed and will be launched soon.

Kathy Joe,
Director, International Standards and Public Affairs
ESOMAR, the World Association for Social, Opinion and Market Research, is the essential organisation for encouraging, advancing and elevating market research worldwide.

On 12 Sep 2014, at 20:47, Rob van Eijk <rob@blaeu.com> wrote:


Justin,

The current audience measurement text is not fit for purpose at all:

- - - Changing the text to align it with the rest of the TCM would go beyond editorial changes.

- - - The opt-out platform that is described in the proposal is not implemented. No timeline has been given, so after 1,5 year the audience measurement industry hasn't shown any tangible results.

Rob


Justin Brookman schreef op 2014-09-12 16:46:
I asked ESOMAR whether they wanted to revise their proposal; they
declined. However, I don’t think the definition of tracking changes
anything — Audience Measurement is offered as a “permitted use”;
permitted uses contemplate behavior that is in fact tracking, but is
allowed nonetheless under a compliance regime as something that is
functionally necessary to make the web work (such as fraud prevention
and attribution).
On Sep 12, 2014, at 7:07 AM, Rob van Eijk <rob@blaeu.com> wrote:
Two more issues that I think need to be addressed:
1. The Esomar proposal does not align with the current definition of tracking. A permitted use would allow measurement of individual users across different contexts. The porposal is from June 2013 and needs to be updated in the light of all definitions and discussions that took place since then.
2. In addition, a 'no sharing' requirement should move to a generic requirement for all permitted uses (3.3.1 General Requirements for Permitted Uses).
Rob
Rob van Eijk schreef op 2014-09-12 12:42:
Dear Justin,
The Esomar proposal does not align with where we are with the term
permanently deidentified and uses confusing terms as pseudonymised and
de-identified and de-identification. The proposal needs to be updated
in the light of the outcome of ISSUE-188 before moving forward.
Rob
Justin Brookman schreef op 2014-09-11 20:26:
The precise rules for audience measurement are contained in the ESOMAR
proposal.
http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Audience_Measurement#Audience_Measurement_Permitted_Use
[1]
There will be an option for no audience measurement permitted use as
well.
Lee Tien from EFF has previously proposed letting companies retain
protocol information for two weeks for audience measurement; I have
separately reached out to him to ask whether he wants that to be
included as an option as well.
On Sep 11, 2014, at 1:41 PM, Rob van Eijk <rob@blaeu.com> wrote:
We also need to talk about the concept of audience. I feel we need
to discuss what this means. At the moment, the concept means
different things in different markets.
Perhaps we need a new issue to hash this out.
Rob
Rob van Eijk schreef op 2014-09-11 18:02:
The problem with audience measurement has been that it does not
provide an opt-out.
Add a permitted use under DNT leaves users empty handed.
For me a permitted use is therefore, how carefully crafted it may
be,
at the moment a bridge too far.
I therefore respectfully reqeust a if we get to a CFO on this issue,
to include an option to NOT include a permitted use for audience
measurement.
If new arguments for strengthening the user's position exist, e.g.
an
innovative opt-out system, please put those forward, so that we can
discuss these.
Rob
Shane M Wiley schreef op 2014-09-11 12:39:
We should agree to disagree then as the same statement could be
added
to every single provision of the document. Wasteful...
- - - Shane
- - -----Original Message-----
From: Walter van Holst [mailto:walter.van.holst@xs4all.nl]
Sent: Thursday, September 11, 2014 3:34 AM
To: public-tracking@w3.org
Subject: RE: Audience Measurement Permitted Use (ISSUE-25)
On 2014-09-11 12:20, Shane M Wiley wrote:
I believe we already have a broad statement (which some believe is
unnecessary) that states nothing in the TCS is meant to contradict
local laws. Adding another non-normative statement to this FACT is
wasteful and unnecessary.
I disagree. We have such a broad statement since the group has
chosen
not to harmonise at the level of protection of the vast majority of
the industrialised world as well since it is not feasible to check
every bit of the compliance specification with every jurisdiction on
the planet.
Having that statement does not take away from the utility of
pointing
out that a specific permitted use is not a permitted use in the
context of the jurisdiction of one of the largest economies when we
already know it doesn't. That is not wasteful, that is helpful.
Regards,
Walter
Links:
- - ------
[1]
http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Audience_Measurement#Audience_Measurement_Permitted_Use


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
Charset: utf-8

iQEcBAEBAgAGBQJUGZ5CAAoJEHMxUy4uXm2JNLQIAJb5uI3Cd9eZ95K2a2a9y2pN
78kRLIKmDIkqUgv/4heckvz9RP2aU5nc0ft4+STeqtUktkVaEgJRIE34/2ASspSU
nb/Gy0aihBcLqX3amCdFMgJNqvwVJkOksOrQwdNfWFd718wHV3wgQJvGHzVDQzb8
ZCIq3N5OCd3r2lCodxXc0EvaZKLBhBFkJBlnDKpwycjDWTJWoF4PvyaLjdrGkXRW
eRBGaGl2bunvrUqhePj3/LFmYWa/biigRZRjSHuQZemK8Pgmcb1Gj/jv7Nh3S+rg
HmNPpMNi7MjnR2TtShQlxhitODShWdnomhGWPIi71rvTkZicTjxcjfJLKZgCnqI=
=BVc1
- -----END PGP SIGNATURE-----
<PGPexch.htm><PGPexch.htm.sig>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
Charset: utf-8

iQEcBAEBAgAGBQJUGbwUAAoJEHMxUy4uXm2J88IH/3aqunKa8Cn3/sMcvk5R+PsU
MbJ+7A6cFfd9VKKAES1GOwVXub2X9tFMAhuA/GSD5v13K2YfWVDm5nq4kHCwBz8c
66w5zMx57R0aa6NSpmxLFf051EeQ+JyvzG4I5WdtoHtCCSvTNbAsB1gV744iPIsa
4QoPsNaZcMWyIHPYPvq6GXmVNQiXqUJ+fGxS2Zz5nfENSUUKbYJc9U42bK/C80H4
lGSFm7HgQND9iWcSFRfgLjtGUyVB4kk5C+1l13z55D6BczGZch6ysIEyOKksnNz0
gyJ/EvRyDyjMVQ0qWEZlF94ACXDMRb6C9FWardDjpA3b+UuLOztxWLYsqBG/BZY=
=/2nZ
-----END PGP SIGNATURE-----