- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 16 Dec 2013 10:27:16 -0500
- To: public-webpayments@w3.org
On 12/14/2013 09:33 AM, Joseph Potvin wrote: > What shall be considered "acceptable use" of transactional data > generated through web payments systems? This is a huge policy can of worms typically covered by laws and regulations in a particular country. We can provide guidance via W3C NOTEs, but it will be very difficult to build technical standards to enforce the sort of behavior that we'd like, even if we come to a consensus on what the behavior should be. > Is the web payments standard itself the place to state a code of good > practice regarding what transaction data should normally be > structured into openly available statistics, and what's to be > restricted? Or can the standard simply refer to a coherent statement > on this? Technical standards typically do neither. What we can do is provide mechanisms to make the collection of statistics easier for organizations like consumer protection agencies, tax/revenue collection agencies, and anti-money laundering initiatives. We can certainly refer to coherent statements on the matter, but keep in mind that technical standards are supposed to be about just that - the technology. They're documents that implementers read to build interoperable systems. If there is a certain policy that we want to enforce, the technology must be designed to enforce that particular policy. A good example of this policy-enforcement-via-technology approach is the do-not-track login mechanism used by Persona. A Persona login assertion is created by the Identity Provider (IdP), but the IdP has no idea which website you're using that identity assertion with (it can't track what you're logging into). > For analytical purposes I would hope that anonymized data could be > available about "currency of transaction", but I wonder if making > any such info available would bother others. The thing is, for > analytical work it's really helpful If it's available, it would have to be voluntary by the payment processor, merchant, or other participant in the transaction. There could be legal/privacy issues related to the sharing of this data as well. The most that I think we could do is provide a standard data format for the data to be shared in. I have a feeling that governments will have more input in this area. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Meritora - Web payments commercial launch http://blog.meritora.com/launch/
Received on Monday, 16 December 2013 15:27:39 UTC