- From: Jaye, Dan <DJaye@Engage.com>
- Date: Sun, 30 Apr 2000 23:59:58 -0400
- To: "'www-p3p-public-comments@w3.org'" <www-p3p-public-comments@w3.org>
> -----Original Message-----
> From: Jaye, Dan
> Sent: Sunday, April 30, 2000 11:58 PM
> To: Lorrie Cranor (E-mail)
> Cc: 'p3p-comments@w3.org'
> Subject: Comments on changes to P3P vocabulary
>
> I appreciate the extensive effort that has gone into generating the current draft of the P3P specification. The hard work from the team shows in the quality of the deliverable.
>
> In addition, as one of the original project participants, it is rewarding to see that the intellectual property concerns over the original direction of the P3P project have been resolved.
>
> As P3P has been re-scoped, these issues are certainly moot. The decision to eliminate data transfer has been addressed in your comments, and, although my opinion is that P3P is no longer as compelling for marketers and consumers, certainly the challenge of P3P has been simplified.
>
> However, certain material changes to the vocabulary of P3P appeared in the February 8th draft. No discussion or public comments justifying these changes appear to be available, so I hope that my comments here will result in a clarification of the rationale for these changes.
>
> In particular, the decision to eliminate the "identifiable" statement and the addition of new "purpose" values that are not purposes at all are of great concern.
>
> The identifiable statement has always been of concern because it has not necessarily distinguished with complete clarity between personally identifiable and individually identifiable data. I understand that there were concerns about the definition of personally identifiable. Notwithstanding these concerns, dropping the construct completely eviscerates the value of P3P. Every data protection statute and standard with which I am familiar tackles (albeit each with slight variations) the terminology of personal data. Many consequences of this omission will result:
>
> Without a distinction between PII and non-PII in P3P, it becomes useless as a base vocabulary for filtering technologies that need to address this distinction. It removes an incentive for companies to treat data anonymously because they will receive no favorable treatment by filtering engines when they follow an anonymous approach to data. The omission of the Identifiable qualifier incents companies to interpret P3P to only apply to PII and not make any P3P disclosures with regard to non-PII. I doubt this was the intent of the committee.
>
> In the CPExchange project and in the IETF Trust Mechanism for State Mgt draft, both standards hope to adopt P3P vocabulary and DTD as the default... without this capability built in to the "Core" vocabulary, P3P becomes a poor base vocabulary and a difficult standard to recommend as a starting point for other work.
>
> With regard to the purposes section, the split of Tailoring the User's Experience to Explicit Customization and One time Targeting and the addition of Individual Profiling is problematic.
>
> One time Targeting arguably does not deal with any persistent data collection and one may argue about whether privacy implications are applicable in this case. If I only use data from the current session and environment variables for tailoring content, this does not constitute data collection. Hence it is not a purpose of data collection. In addition, the use of the word Targeting in English perpetuates the unhelpful metaphor of corporation as hunter and consumer as hunted. I would suggest that the original, neutral language of "tailoring" of content or messages be retained.
>
> The purpose "Individual Profiling" is neither a purpose nor useful in this context and as defined. Profiling is not a purpose, it is a process. Profiles are built for some purpose, not just for the sake of building them. For example, user profiles may be used to help understand a web site's audience. User profiles might be used to understand what the tastes of web site visitors are so that the durable design of a web site can be improved. User profiles might be used to understand what percentage of consumers who saw an advertisement actually made a purchase. User profiles might be used to tailor the experience of an individual consumer. In addition, profiling, like targeting, is gaining a pejorative connotation as a "loaded" term, being associated by the popular media with law enforcement's use of apparent ethnic origin as a criterion for taking action. Also, it is unclear how "profiling" as used relates to the "compiling...of personally identifiable information of that individual or computer", especially when the term personally identifiable information has not been defined.
>
> With respect to categories, the category "unique identifiers" lumps any and all unique identifiers in the same category as such privacy-sensitive information as SSNs. A closely held unique identifier for a browser relationship to a server within a specific context does not have the same implications as a widely shared and understood globally unique identifier. Particularly given the absence of an "identifiable" qualifier, there will not be a meaningful way to distinguish collection of an SSN from clickstream collection for purposes such as research and logging.
>
> Given the current state of the core vocabulary and the lack of a negotiation and transfer mechanism, there is underwhelming incentive in this standard for marketers to endorse this standard.
>
> I suggest the following modifications to the current draft to address these concerns.
>
> 1) Create a "Personally Identifiable" qualifier analogous to the original "Identifiable" qualifier.
>
> 2) Omit the One-time Targeting purpose, or at least change it to "One-time Tailoring" or "Immediate Tailoring".
>
> 3) Change the "profiling" purpose to "Ongoing Tailoring" with appropriate edits to constrain the definition to the use of individual data (PII or non-PII) for the purpose of tailoring a user's experience.
>
> 4) Consider separating out "globally unique identifiers" and "pairwise unique identifiers" or "secret unique identifiers".
Received on Monday, 1 May 2000 00:00:33 UTC