RE: Goals and Procedures from Mike O'Neill on 2017-02-08 (public-tracking@w3.org from February 2017)

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Wed, 8 Feb 2017 10:22:35 -0000
To: "'David Singer'" <singer@mac.com>
Cc: "'Matthias Schunter $Intel Corporation$'" <mts-std@schunter.org>, <public-tracking@w3.org>
Message-ID: <04e801d281f5$4476e960$cd64bc20$@baycloud.com>

> > The problem arises when widget.com receives DNT:0. Because it cannot tell
>> the difference between site-specific and web-wide consent it could place a UID
>> cookie (or use one already there). This means if the user goes to another site
>> which refers  to widget.com the user identifying UID is sent in the request to it,
>> even though DNT will be 1 in this case.
>> 
> That is NOT a problem. widget.com can know in a myriad ways who the user is.
> But if it gets a DNT:1 and promises to respect it, it can’t *record* data about
> that transaction. It *can* act on data it was allowed to record.

Yes, but that relies completely on trusting the third-party, and users may not be prepared to do that.

The laws in Europe mean that user agreement is necessary. After May 2018 consent will be the only feasible option.

For users to agree, they have to trust the company. If they see a UID tracking them across the web when they only gave site-specific consent it may be harder to get them give it again. IMO it will be a lot harder to get them to agree to unqualified web-wide tracking.

The user identifier either has to be a first-party cookie communicated cross-domain, users have to trust sites to be blind to a third-party UID, or the browser supplies it using something like my proposal.

If it has to be done with first-party cookies consent has also to be communicable to and from the first-party, because the user could give or revoke site-specific consent in the browser or on the site - i.e. there has to be a transparent channel with the browser. Also, there needs to be a transparent channel between the first-party and its third-parties (too open-ended without it - recognised in the API principles at 7.2). We can address both of these by adding functionality to the API, e.g. to the confirm calls, as Shane and Aleecia suggested.

The fall-back has to be for the third-party with DNT:1 to be blind to any UID, as you say, but it should be possible to improve on that.

Received on Wednesday, 8 February 2017 10:23:47 UTC