Re: [w3ctag/design-reviews] Cookies Having Independent Partitioned State (CHIPS) (#654)

howdy @torgo - thanks for that link and your work. 

The technical design of cross site cookie restrictions are part of a larger political and policy discussion. I know many engineers wish that this work was completely in a bubble where they didn't need to think about privacy laws or competition frameworks, or ongoing legal guidance from orgs like the CMA (https://www.gov.uk/government/news/cma-to-have-key-oversight-role-over-google-s-planned-removal-of-third-party-cookies), but that's not the world we live in. 

If G$ or any company wants to keep proposing technical changes to data architecture for the Chromium open source product in open discussion groups like the w3c, using the rules of the w3c as cover to push their bad policy proposals through, then I'm not sure why regulators and elected officials are allowing this type of regulatory capture of a technical standards process without also getting involved in the process. But they don't seem to be involved here much, so here I am, reminding people in this thread that there is an agreement between the UK CMA (A government entity) and the corporation whose engineers are proposing these changes in this thread, and the changes being proposed were specifically addressed in the UK CMA agreement requiring specific public notice and a commitment to analyze any updated proposals through both a privacy and market-access lens. 

It's unclear to me whether the w3c believes that the UK CMA's framework for cookie changes should be ignored, or if folks in the w3c groups are supposed to pretend like legal rulings and regulations aren't happening around us that specifically focus on the work being done here with cookie deprecations and cookie access changes. In just this past 6 months there have been huge impacts on real businesses in the stock market merely from "cookie proposals" - so mentioning these concerns maybe is "off topic" to some people, but to the companies being gutted by unexpected changes, this is not off topic, and many governments and people in government agree with this sentiment. Constantly changing proposals creates financial bubbles, and uncertainty in markets, and when one company is leading a large portion of these proposals, and the negative impacts are mostly falling on their competitors, we should not keep ignoring this as new cookie proposals are casually dropped in open standards groups.

Should we all pretend like we didn't have such a big problem with cookie deprecation policies that an entire government had to intervene in this process? Do folks think that speaks highly of the w3c process?

I'm not sure why bringing up the fact that Partitioned Cookies is a half-measure to full third party cookie blocking, and the political implications of that decision, are somehow off-topic, but that seems to be part of the regulatory capture that certain corporations rely upon when pushing features through these standard groups. There should be more people pointing out that some of these data flow changes conflict with other public promises to other market players, yet that hasn't happened yet. But tone and topic policing, we've got plenty of that.

If folks involved with the W3c think talking about companies and market access concerns when specific companies propose changes to global data architecture, is "off topic" - feel free to continue this tone policing or attempt to ban folks. Chromium is an open source product, the changes being made in Chromium are being regulated and investigated by governments across the world, and more people should be talking about the responsibilities to communicate the full scope of a cookie change, in the context of all the other changes, anytime and every time one of these cookie change proposals are pushed forward -- but especially so when the proposal comes from Google. 

All future cookie changes in Chromium (Again, an open source project, not owned by any corporation), when proposed through the w3c, should also be viewed through the lens of this UK CMA requirement: "A commitment to develop and implement the proposals in a way that avoids distortions to competition and the imposition of unfair terms on Chrome users. This includes a commitment to involve the CMA and the ICO in the development of the Proposals to ensure this objective is met." https://www.gov.uk/government/news/cma-to-have-key-oversight-role-over-google-s-planned-removal-of-third-party-cookies 

I likely won't have anything else to say on this thread, but I wanted to make sure it was clear that when a proposal says "This work is being funded by: Google" (see above in original post now) --- yet folks don't raise questions in the context of larger market agreements, then it's just ongoing proof that the w3c is a captured entity, and unable to regulate the Chromium proposals.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/654#issuecomment-873428811

Received on Saturday, 3 July 2021 15:59:38 UTC