IRC log of privacy on 2012-11-27

Timestamps are in UTC.

00:19:01 [nweaver]

nweaver has joined #privacy

00:20:01 [erikn]

erikn has joined #privacy

00:20:58 [JoeHallCDT]

JoeHallCDT has joined #privacy

00:21:38 [Joanne]

Joanne has joined #privacy

00:21:44 [Js]

Js has joined #privacy

00:21:54 [rigo]

rigo has joined #privacy

00:23:30 [jeff]

jeff has joined #privacy

00:24:20 [rigo]

rrsagent, please draft minutes

00:24:20 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html rigo

00:25:20 [aleecia]

aleecia has joined #privacy

00:25:23 [johnsimpson]

johnsimpson has joined #privacy

00:26:46 [tlr]

tlr has joined #privacy

00:29:55 [ShaneWiley]

ShaneWiley has joined #privacy

00:30:17 [aleecia]

do we have a scribe?

00:30:28 [aleecia]

(because I didn't quite follow what just went by)

00:31:09 [aleecia]

perhaps Frederick could summarize the outcome on that little back & forth on current consent for OBA -- I think I missed at least one of the twists & turns there.

00:31:15 [rigo]

JoeHall: beyond, is the single point not only for expressing preference, but also a single point of information, but heavy lifting for an os?

00:31:16 [MarkL]

MarkL has joined #privacy

00:31:47 [rigo]

FW: necessary to guide the user. I have to write down in an app where my data is going. Hard to find?

00:31:53 [aleecia]

(of note for Joe, Mozilla put DNT into the OS for phones; others have not yet. OS seems to make sense for phones)

00:32:11 [rigo]

SW: ad choices, does that change the disoverabilty.

00:32:33 [JoeHallCDT]

(of note to Aleecia, I'd argut that iOS' LAT setting is also close, but a bit different. ;)

00:32:52 [rigo]

FW: how the icon is served, if it is guided out of portal, users tend to be confused. Is not the same design

00:34:23 [rigo]

ChrisMejia: Simpler opt-out mechanism, do not track is not well defined, what do you mean?

00:34:46 [rigo]

FW: coming from a legal framwork that defines what it means, hopefully DNT will match that

00:35:15 [rigo]

ND: do people want to opt out of three different things, or is one single click better?

00:35:22 [rigo]

FW: have no experience there

00:35:30 [ShaneWiley]

Aleecia, have you checked out iOS6's Advertising Identifier option?

00:35:55 [jeff]

jeff has joined #privacy

00:36:01 [rigo]

DavidWainberg (DW): Work for NAI, presentation of NAI, and what brought us here

00:36:06 [JoeHallCDT]

I think what Chris was saying there is that the more onerous opt-out mechanisms provide rich definitions about what each flavor of tracking is… DNT as it exists now in the browser do not do that.

00:36:07 [Reuben_Binns]

Reuben_Binns has joined #privacy

00:36:12 [aleecia]

Shane, I haven't yet -- thanks for the pointer.

00:36:31 [rigo]

... also tell you what 3rd party are and why they are important to the eco system

00:36:54 [npdoty]

npdoty has joined #privacy

00:37:09 [rigo]

... NAI codes of conduct, last update 2008, limitation on use of PII and sensitive data, enforceable rules

00:37:58 [rigo]

paper http://www.w3.org/2012/dnt-ws/position-papers/10.pdf

00:39:14 [rigo]

... most difficult thing was that sometimes information is sensitive in a certain context. Is our solution the best? Don't know, but have advanced the practice. Read every privacy policy and have improved them. Now disclosure of retention practices.

00:39:58 [nweaver]

A quick summary to save others looking up. For iOS6, the basic idea is a persistent per-advertiser cookie, that gets reset if the device is blanked. So its persistent like the UUID (device ID) while a device is owned, but is flushed on change. It can be disabled as well, General:About:Advertising. in the settings.

00:40:19 [Blase]

Blase has joined #privacy

00:40:48 [rigo]

... DNT and privacy debate has been over politicised and think we should get back into productive mode.

00:41:12 [rigo]

.... want a free democratic internet. (lists other agreements)

00:41:20 [JoeHallCDT]

quick corrections: UUID is not UDID as UUID() function in iOS includes timestamp (so unique, but includes time of creation, for storing). Also, the next iOS (6.1?) will allow resetting the identifier without a reset.

00:41:27 [nweaver]

OOPs, yeah. UDID...

00:41:30 [rigo]

... will create incentives for good actors.

00:41:50 [nweaver]

thanks. (I use UUIDs so much that I simply brain-typo UDID as UUID)

00:42:33 [rigo]

... Limitations can come from W3C or elsewhere, but have to be fair and reasonable.

00:43:08 [BerinSzoka]

BerinSzoka has joined #privacy

00:43:11 [rigo]

... Believe that the current DNT is creating perverse incentives.

00:43:27 [nweaver]

We already HAVE huge PII data collection. Google, Facebook are exhibit 1 and 2

00:43:35 [rigo]

... first party will collect, can do even collect PII.

00:43:36 [nweaver]

Both collecting massive PII for advertising

00:44:28 [rigo]

... while third parties are punished but only collect one id point

00:45:03 [rigo]

... => makes a point of advertisement as part of ecosystem

00:45:23 [rigo]

... need to have an impact assessment and consequences of how things are designed

00:45:43 [rigo]

.... third parties support publishers

00:46:08 [erikn]

The iOS identifier for advertising is a single identifier. It is not per-advertiser. It can be changed (without buying a new phone), unlike the UDID — that part is accurate. It cannot be disabled, but its use can be limited, as explained in a link within the Settings app.

00:46:16 [rigo]

... why behavioral is so important and contextual doesn't really help

00:47:31 [rigo]

... some are too small for contextual, some with niche content, but not interesting to advertiser

00:47:56 [Frank]

Frank has joined #privacy

00:48:14 [rigo]

... because its behavioral, it also works on niche content. Also helps SMEs as they can improve their impact per dollar

00:48:15 [nweaver]

Anyone try legally subpoenaing or search warrants submitted to advertising networks to recover user history?

00:48:58 [marc]

marc has joined #privacy

00:49:03 [rigo]

.... NAI committed to continue working on this, respect user's choices. And provide democratic internet

00:49:35 [aleecia]

@Shane, oh the UDID replacement. I drop nouns, yes: this.

00:49:46 [rigo]

Jeff: overly politicised: applaud your for that comment, applaud for going back in productive mode

00:50:48 [rigo]

... noted with interest the high complexity of getting the stakeholders so balanced. Not all of that can be done in TPWG due to charter limitation, looking forward to continue for the "beyond" part

00:52:04 [rigo]

FrankDawson: Perspective on future beyond DNT, advertisement and apps. In-App advertisement as the major increase. DNT may or may not solve that. For NAI, what are you doing for mobile apps? Code of conduct? What else?

00:52:38 [rigo]

DW: mobile is difficult, something we are working on. WGs are working on, currently not decided what directions

00:52:59 [rigo]

Deirdre: what the real problems are we are not focusing on? Can you elaborate?

00:54:33 [rigo]

DW: reluctance to enumerate the problems we are trying to solve? People have ideas, but difficult to really identify users concerns, real concerns like identity theft, what are risks of online advertisement. Like to do more work on NAI with users to address their concern

00:55:23 [rigo]

FW: practical: discovered privacy policies. What kind of privacy policy you mean. Policy of advertisers? Or the responsible for the portal?

00:55:50 [rigo]

... in EU portal also responsible for 3rd parties they chose

00:56:09 [rigo]

DW: we watch the first parties of our member companies

00:56:56 [jeff]

jeff has joined #privacy

00:57:19 [rigo]

... back to Deirdre's question. Personalization is creepy. Irony is that is only one single datapoint. Other things are more difficult have more data points and people do not realize.

00:58:31 [rigo]

Deirdre: Why should that happen here?. First vs Third parties is creating distortion, but in light of last discussion, what is the goal, this is data backend stuff

00:58:50 [rigo]

DW: anybody who is talking about it should think about the bigger picture

00:59:33 [rigo]

Christine: things you want to improve is that user shoudl be better improved.

01:00:08 [rigo]

?? from??: like your idea. I want thoughts on opt out of companies as opposed to DNT as browsing context

01:00:22 [rigo]

... people were not aware of all those tracking companies

01:01:01 [rigo]

DW: dunno about solution, DNT may be an improvement.

01:01:20 [rigo]

... can offer pick and chose, but users have to understand

01:01:28 [tlr]

rigo: David, I hear two things

01:01:33 [tlr]

... better information of the user - transparency

01:01:44 [tlr]

... in the discussion tomorrow on technical merits

01:01:53 [tlr]

... have submitted position paper that also goes toward the mobile stuff

01:01:57 [tlr]

... the other one is the "switch" thing

01:02:12 [tlr]

... next-generation information tools?

01:03:53 [rigo]

DW: Don't know. Too blunt of an instrument and too much of a choice so users do not understand. We don't understand and make choice. There is a balance somewhere, but dunno where it is. Google and Yahoo have interest manager, users where given

01:04:24 [rigo]

... then found out that people where editing the categories, not only removing

01:04:50 [rigo]

??(google): yes, people added categories, removed others. But a very low rate of opt-in

01:05:16 [rigo]

============

01:05:32 [rigo]

Reed Freeman, ESPC http://www.w3.org/2012/dnt-ws/position-papers/13.pdf

01:06:08 [rigo]

Reed: a lot of concern on ability to be tracked, put into narrow categories

01:06:34 [rigo]

... look at my google thing and both categories where wrong

01:06:37 [npdoty]

s/??(google)/AndrewSwerdlow/

01:06:41 [rigo]

.. .this will not be our last discussion

01:07:22 [rigo]

... company send email on behalf of other companies, fight spam, and enhance reach of the legitimate email

01:07:40 [rigo]

... => explains company

01:08:38 [npdoty]

http://www.espcoalition.org/

01:09:41 [rigo]

... we've been watching the W3C dialog. We appreciate the diligence and were uneasy about the lack of civility. Are happy that W3C is a good place for the exchange of information. Sometimes we have prejudices into all directions that are wrong and are here to revert them.

01:10:00 [nweaver]

I wonder if the NAI opt-out is actually effective/reliable. E.g. I tried it on a clean firefox run, which had somehow gotten a Yahoo advertising cookie. I ran their opt-out tool and although the opt-out cookie is set, the yahoo "B" cookie, with value aaji3qd8b8489&b=4&d=4auM3vprYH0wsQ--&s=0r is still set, and that certainly looks like a tracking cookie to me. An opt-out to tracking should clear tracking cookies.

01:10:16 [rigo]

... this is good forum to discuss. Must happen is civility must reign.

01:10:18 [aleecia]

Reed just became my hero

01:11:47 [rigo]

RF: the beyond is premature. What data should be collected in DNT:1 has become thorny issues. Let the standard be finalized, let it work, let see if it is adopted, how governments react. Before W3C drags resources of industry into new work.

01:12:34 [rigo]

JoeHall: How DNT will affect email?

01:12:36 [ShaneWiley]

ShaneWiley has joined #privacy

01:13:25 [rigo]

RF: we don't know. We don't know waht DNT is. Therefore we are jumping off the cliff on how to back that

01:15:14 [rigo]

... in context of sending email. Selling stuff, but not good in sending email. Is targeted or re-targeted? Who is the first party? Who is the third party? In the context of deliver of email, we are a service provider. We are transmitting, not for other purposes. That's what I want to find out

01:15:23 [rigo]

ND: thanks for coming

01:16:16 [rigo]

ND: emails can have images, some clients will refuse to load the content, others will perhaps send DNT

01:16:41 [rigo]

FrankDawson: are you fixed on email or other formats? SMS? MMS?

01:17:25 [rigo]

RF: great question, lets pause before going email only. Our members are primarily in email, but will expand and consolidate

01:18:52 [rigo]

aleecia: suggest to approach email, instead in terms of consent. As long as you have consent, no matter for party you are. Can factor that in.

01:19:43 [rigo]

RF: consent often very unspecific

01:22:05 [rigo]

RF: in marketing law there is big difference between EU and US, very complex

01:22:36 [rigo]

Jeff: David says we have lots of things to consider, you say do not do anything new until it is done

01:23:09 [rigo]

... how to figure out, scoping next thing is a large undertaking. Scope is 3/4 of the battle

01:23:21 [Frank]

Frank has joined #privacy

01:23:58 [rigo]

... like to suggest, continue 95% of effort into DNT, but background thinking should continue to think about what could be the scope for next thing to do

01:24:16 [marc]

marc has left #privacy

01:24:52 [rigo]

RF: don't think we disagree. Any organization has long range strategic planning, or medium range planning. But prudent not finish scope what to do outside the current scope

01:25:20 [jeff]

+1 to Reed - yes we agree.

01:25:51 [rigo]

Berin: want to get remarks: Current model is not huge success, non technical work, designed by committee,

01:26:07 [rigo]

RF: we should see how this works out before making more

01:26:35 [rigo]

.. be careful about the unintended consequences of what you do

01:26:55 [rigo]

Berin: measure of success?

01:27:48 [ShaneWiley]

ShaneWiley has joined #privacy

01:28:03 [rigo]

RF: in order for ESPC to agree that DNT for email is a good idea, we need: DNT is finished, deployed, consumers like it, standard is working, then we can imagine to apply it to email

01:28:21 [rigo]

ND: success criteria in W3C normally for interoperability

01:28:46 [rigo]

... serviing the purpose for consumers, satisfying?

01:29:43 [rigo]

DW: what was the idea couple of deliverables, the problem was never really scoped. Persistent problem of the TPWG

01:30:22 [rigo]

Jeff: metrics for success: One would be adoption, interoperability, consensus, being well balanced in the market place

01:30:33 [rigo]

... those are great metrices.

01:31:18 [rigo]

... what we would do differently, some may laugh, think there was sufficient misunderstanding, process etcc.

01:31:42 [rigo]

... we would have told stakeholders what we are doing and what we are not doing, we would have had less fire works

01:32:17 [jeff]

s/laugh/laugh but I think we are on a path to a standard, but it took much effort since/

01:32:49 [rigo]

LieTien: widespread adoption was a secondary concern for us. Ability to express user preference was more important than how many companies will adopt the system. Are aware of the cost.

01:33:00 [tlr]

s/LieTien/LeeTien/

01:33:47 [rigo]

... dev simple mechanism that is feasible is still a valuable thing to have and would push for it

01:36:30 [rigo]

Deirdre: on success criteria. Metrics... Perceivable success in Congress. Sometimes you lose fairly, you come back play again. But if metrics, it must be substantially legitimate, not only about industry adoption, but not only about interoperability only either. Gives some concreteness to what Reed is saying

01:37:35 [WileyS]

WileyS has joined #privacy

01:38:11 [rigo]

JanS: Criteria??? What those criteria are? And to Jeff: 95%: Having impression that scoping was done carefully. In a process if people will lose things, is not going to work in a consensus process. Nobody will say "I will lose something, but I'm fine with it".

01:38:56 [rigo]

... Thsi is what we need to achieve and those will lose and we will implement it.

01:39:32 [rigo]

ND: revenue impact

01:40:36 [rigo]

Berkeley Thai House

01:42:02 [rigo]

rrsagent, please draft minutes

01:42:02 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html rigo

01:43:03 [johnsimpson]

johnsimpson has joined #privacy

01:43:08 [npdoty]

npdoty has joined #privacy

01:53:55 [rvaneijk]

rvaneijk has joined #privacy

04:39:56 [Arnaud]

Arnaud has joined #privacy

05:12:34 [nweaver]

nweaver has joined #privacy

06:00:58 [npdoty]

npdoty has joined #privacy

06:08:15 [tlr]

tlr has joined #privacy

06:52:46 [aleecia]

aleecia has joined #privacy

17:36:02 [RRSAgent]

RRSAgent has joined #privacy

17:36:02 [RRSAgent]

logging to http://www.w3.org/2012/11/27-privacy-irc

17:36:23 [wseltzer]

Meeting: W3C Workshop: Do Not Track and Beyond

17:36:30 [wseltzer]

scribenick: wseltzer

17:36:50 [wseltzer]

rrsagent, make minutes

17:36:50 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html wseltzer

17:39:20 [wseltzer]

i/do we have a scribe/scribenick: rigo

17:39:39 [npdoty]

npdoty has joined #privacy

17:39:39 [dsinger]

dsinger has joined #privacy

17:39:44 [wseltzer]

[Introductions]

17:40:05 [wseltzer]

[agenda: http://www.w3.org/2012/dnt-ws/agenda.html]

17:40:29 [wseltzer]

Chris_Hoofnagle: paper, http://www.w3.org/2012/dnt-ws/position-papers/8.pdf

17:41:08 [wseltzer]

... background and earlier work; Web privacy census, benchmark how much tracking is on the Internet

17:41:24 [JoeHallCDT]

JoeHallCDT has joined #privacy

17:41:46 [wseltzer]

... idea from Beth Givens, benchmark how much tracking is occurring to evaluate self-regulation

17:42:03 [wseltzer]

... since we began 5 months ago, already seen a big uptake in 3d party tracking.

17:42:16 [wseltzer]

... switch from LSOs to HTML5 local storage.

17:42:50 [wseltzer]

[Berkeley Web Privacy Census: http://www.law.berkeley.edu/privacycensus.htm ]

17:43:34 [wseltzer]

... idea, as we move forward with self-reg or DNT, get a sense of impact

17:43:53 [wseltzer]

... Other branch of work, user studies, asking consumers about privacy issues.

17:44:45 [wseltzer]

[Consumer privacy survey: http://www.law.berkeley.edu/13260.htm ]

17:46:26 [jeff]

jeff has joined #privacy

17:47:23 [Frank]

Frank has joined #privacy

17:47:59 [npdoty]

consumers having a sense that companies have a fiduciary role with respect to their data

17:48:32 [Joanne]

Joanne has joined #privacy

17:48:35 [wseltzer]

... young adults care about privacy, do the worst in understanding it.

17:48:37 [johnsimpson]

johnsimpson has joined #privacy

17:48:48 [npdoty]

youngest users do the worst on privacy quizzes, interesting

17:50:36 [wseltzer]

... OBA could be done differently, with more room for compromise between advertising and privacy

17:50:37 [JoeHallCDT]

goldman, nissenbaum and bellovin have proposed client-side privacy preserving profiling

17:50:48 [JoeHallCDT]

(would love cites to Goldman and Bellovin)

17:51:00 [wseltzer]

... Fully half of users say they never click ads.

17:51:17 [wseltzer]

JoeHallCDT, the cites are in Chris's paper

17:51:21 [JoeHallCDT]

ah

17:51:28 [wseltzer]

http://www.w3.org/2012/dnt-ws/position-papers/8.pdf

17:51:56 [wseltzer]

Chris_Hoofnagle: majority of users surveyed had not heard of Do Not Track

17:52:00 [JoeHallCDT]

bellovin: Elli Androulaki and Steven M. Bellovin, A secure and privacy-preserving targeted ad-system, in Proceedings of the 1st Workshop on Real-Life Cryptographic Protocols and Standardization, Jan. 2010.

17:52:08 [JoeHallCDT]

goldman: Eric Goldman, A Coasean Analysis of Marketing, 2006 WIS. L. REV. 1151 (2006).

17:52:11 [npdoty]

Androulaki and Bellovin paper is from 2010, http://dl.acm.org/citation.cfm?id=1894875

17:52:31 [wseltzer]

... when asked what they'd want it to do, most said "prevent websites from collecting information about you."

17:52:47 [wseltzer]

... Changes in self-reg positions, rules have become weaker over time.

17:53:29 [npdoty]

13% of the national population having heard of DNT seems like a large number

17:53:53 [erikn]

erikn has joined #privacy

17:54:33 [wseltzer]

Chris_Hoofnagle: NAI won't talk about their old rules. We don't think NAI is credible.

17:55:01 [wseltzer]

... policy statements without purpose, no measurable standards, NAI is a project of a consulting group.

17:55:32 [wseltzer]

DavidWainberg: NAI is independently incorporated

17:56:03 [wseltzer]

Chris_Hoofnagle: There are alternatives. Find self-regulation with more credibility.

17:56:20 [JoeHallCDT]

I've spoken with Anthony Prestia of NAI and they certainly do measurement against their guidelines

17:57:26 [wseltzer]

DavidWainberg: Ads work, companies continue to invest in advertising. Both brand and click-through.

17:57:52 [wseltzer]

Bernard_Urban: run a privacy company, formerly with SiriusXM.

17:58:22 [wseltzer]

... I'd spend $1/4M on an initiative, I wouldn't spend that if they couldn't prove conversion.

17:58:53 [wseltzer]

... 500k people have joined our current service to figure out how to protect themselves online.

17:59:17 [rigo]

rigo has joined #privacy

17:59:20 [wseltzer]

Chris_Mejia: IAB and DAA. We have an enforcement body, Council of Better Business Bureaus

17:59:47 [wseltzer]

... where is your [Chris's] research coming from? I haven't gotten inquiries.

18:00:36 [wseltzer]

Chris_Hoofnagle: We discussed gulf in protection between 2000 NAI statement and more recent DAA

18:01:03 [Arnaud]

Arnaud has joined #privacy

18:01:07 [wseltzer]

Max: Curious about your age results. Experian's studies show younger you are, the less you care about privacy.

18:01:32 [wseltzer]

Chris_Hoofnagle: We've asked both attitudinally and willingness to share information.

18:02:35 [wseltzer]

DavidWainberg: You're not aware of NAI's dedicated compliance staff, do yearly reviews, worked with companies privately to improve their practices, publicly called out companies for non-compliance

18:02:53 [wseltzer]

... Strongest compliance program of any in its space. Encourage you to talk with us.

18:03:29 [wseltzer]

Chris_Hoofnagle: World Privacy Forum 2007 study critiqued NAI

18:03:41 [wseltzer]

... we updated that study on norms of self-reg

18:04:12 [wseltzer]

Frank_Dawson: Nokia-Siemens interested in trust perspective

18:04:14 [JoeHallCDT]

I believe this is the WPF report on NAI that Chris mentions (I haven't read it): http://www.worldprivacyforum.org/pdf/WPF_NAI_report_Nov2_2007fs.pdf

18:05:00 [wseltzer]

... studied emerging markets. NSN survey echoed Chris's remarks

18:05:33 [wseltzer]

... 3 segments, "frightened family," no understanding, rational approach in the middle

18:06:01 [npdoty]

echoed in the sense that not a big difference in views for younger users, right?

18:06:11 [JoeHallCDT]

believe so

18:06:42 [wseltzer]

... across all age groups, a proportionally high attitudinal concern re collection of personal data.

18:06:48 [wseltzer]

... approx 3/4

18:07:34 [wseltzer]

Blase_Ur: here with Pedro Leon, CMU

18:07:45 [wseltzer]

... User studies re behavioral advertising

18:07:49 [tlr]

tlr has joined #privacy

18:07:58 [wseltzer]

[CMU paper: http://www.w3.org/2012/dnt-ws/position-papers/6.pdf ]

18:08:33 [wseltzer]

... Smart, Useful, Scary, Creepy: Perceptions of Behavioral Advertising

18:08:34 [npdoty]

dsinger, I think Chris had referred to work from Joe Turow on trade-off studies, though I'm not familiar with them

18:08:54 [wseltzer]

... 48 non-technical users interviewed in the lab

18:08:56 [JoeHallCDT]

dsinger: in fact, it's weirder than that… Acquisti's recent work on "privacy paradoxes" shows that very subtle and specific ordering issues in the substance of a trade-off can make big differences

18:09:25 [npdoty]

JoeHallCDT, dsinger so there might be differences between attitudinal and behavioral and even other dimensions (fear of loss, etc.)

18:10:44 [JoeHallCDT]

speaking for CDT, we'd love to get some of these opposing interests into a room and hammer out a research design that everyone could agree would be relatively unassailable, then fund a good third-party to do it

18:10:55 [wseltzer]

... Low awareness of tracking. Users don't know how it works, who's involved.

18:12:47 [wseltzer]

... lots of misunderstanding of ad companies, business. e.g. thinking that Microsoft advertising = operating system software, not ads

18:12:54 [npdoty]

example phrase from interviewing users: "I never really thought of Google as an advertising company"

18:13:25 [wseltzer]

... no familiarity with opt-outs or DNT (a year ago)

18:13:37 [wseltzer]

... expected options in Web browser and anti-virus

18:13:46 [npdoty]

JoeHallCDT, I'm also interested in seeing what we would need in a research design in order for it to satisfy everyone's questions

18:14:24 [jeff]

+1 Joe

18:15:21 [npdoty]

concern about surreptitiousness (when they've just found out about it)

18:15:43 [npdoty]

"lack of knowledge led them to think the worst" (making assumptions about identity theft as a risk, for example)

18:16:31 [wseltzer]

Pedro_Leon: tested 9 tools for OBA control

18:16:55 [wseltzer]

... opt-out such as DAA, blocking tools (Ghostery, Adblock plus), browser settings in IE, Firefox

18:17:47 [wseltzer]

... 45 participants using the tools

18:18:06 [wseltzer]

... generally, interfaces not very good, leading users to get results different from what they expected

18:18:36 [wseltzer]

... e.g. proplematic opt-out aboutads.info showed only those companies currently showing personalized ads

18:19:23 [wseltzer]

... jargon-heavy pages confuse users, lead to misconfiguration

18:19:28 [rvaneijk]

* hs seen the problem that the DAA opt-out values may change over time, which makes the opt-outs less persistent as users may think they are

18:20:18 [wseltzer]

... common usability problems incude blocking-tool defaults that block nothing; jargony interfaces;

18:20:37 [npdoty]

the jargon/usability issues might be good input for the technology sessions

18:20:44 [wseltzer]

... lack of feedback, especially with browser settings and opt-out tools, where users expected to see something happen

18:20:45 [rvaneijk]

* in addition to that observation, also the opt-out variable names are not consistent over time which contributes to less persistency

18:21:13 [wseltzer]

... misconceptions, blocking tools break functionality

18:21:57 [wseltzer]

... recommendations: understand what users care about, how they make decisions. Conduct iterative studies to understand mental models, skills and abilities of users.

18:22:56 [wseltzer]

... work in progress. http://cups.cs.cmu.edu/

18:23:35 [wseltzer]

Jeff_Jaffe: are we at a point where there are best practices vendors can adopt, or is it too early?

18:24:15 [rvaneijk]

rvaneijk has joined #privacy

18:24:35 [wseltzer]

Pedro_Leon: Some best practices can already be adopted. We should also iterate in testing.

18:24:40 [JoeHallCDT]

rvaneijk, what does the opt-out variable names have to do with it?

18:25:11 [wseltzer]

Blase_Ur: design practices can help; build on what's already familiar to users

18:25:42 [wseltzer]

Max_Kilger: Experian, paper: http://www.w3.org/2012/dnt-ws/position-papers/28.pdf

18:25:50 [rvaneijk]

@Joe, everything, because the opt-out will not be effective on the server if it is not matching.

18:26:48 [JoeHallCDT]

ah, but don't the servers set those values… so that their server-side code would naturally match… let's talk offline.

18:27:29 [wseltzer]

Chris_Mejia: Be clearer on terminology

18:27:49 [wseltzer]

Blase_Ur: We didn't use "track" in our studies, but asked about data collection

18:28:12 [wseltzer]

... or we asked users, what did you opt out of? most common response, "data collection"

18:29:52 [wseltzer]

Max_Kilger: how does privacy actually work, for people

18:30:20 [wseltzer]

... Experian Simmons, consumer research organization, national probability sample of 25K + respondents

18:30:38 [wseltzer]

... privacy-protected

18:31:07 [wseltzer]

... privacy is complex and multi-dimensional; many perspectives.

18:31:34 [wseltzer]

[cites: Margulis 1977, Rosen 2000, Lie et al 2010, Norberg et al 2007, Smith et al 2011 lit review]

18:31:50 [wseltzer]

... help companies manage privacy relations with their customers

18:31:57 [npd]

npd has joined #privacy

18:33:06 [wseltzer]

... US adults from 2012 study.

18:33:55 [wseltzer]

... data: "I feel I understand the risks of providing personal info online" ~60% agree

18:34:11 [wseltzer]

... "I use the internet less than before because of privacy concerns" ~25%

18:34:40 [wseltzer]

... "I'm willing to provide some personal information to a company in order to get something that I want" ~45%

18:35:49 [ShaneWiley]

ShaneWiley has joined #privacy

18:37:30 [npd]

the interesting quadrant are those who are proactive about privacy but also varyingly willing to trade information for a service

18:37:31 [wseltzer]

... segments describing people's privacy attitudes

18:37:51 [wseltzer]

... on-off is too primitive to describe attitudes

18:38:33 [wseltzer]

... instead of giving on/off switch, suggest a series of questions to develop a strategy, tolerance

18:39:08 [aleecia]

aleecia has joined #privacy

18:40:17 [wseltzer]

Rigo: I heard users expressing fear of decontextualization of data.

18:41:52 [wseltzer]

@@: Privacy Choice, gives people a choice to block all tracking, or block tracking by companies who haven't gotten compliance review.

18:42:11 [wseltzer]

... @@ were comfortable releasing data to those who'd gotten compliance review.

18:42:29 [nweaver]

On fine-grained controls: I look at the difference between Android (fine grained) and iOS (very simple) access controls and conclude that fine grained controls actually make things worse, as in practice, user's can't make meaningful decisions

18:42:35 [nweaver]

30% IIRC

18:42:39 [nweaver]

was the percentage

18:42:45 [npdoty]

s/@@/JimBrock/

18:43:36 [wseltzer]

DavidWainberg: Antitrust implications to refusals to deal with non-members

18:44:05 [wseltzer]

nweaver: Fine-grained controls are a failure because users don't understand what it means to grant or deny permissions.

18:44:31 [wseltzer]

Max_Kilger: Let's ask questions and use statistical models to understand the concerns.

18:44:41 [npdoty]

idea is ask some simple questions and then help them decide the right settings based on that and some expertise/statistics

18:45:57 [Reuben_Binns]

Reuben_Binns has joined #privacy

18:45:57 [wseltzer]

Berin_Szoka: start with a few questions

18:45:59 [JoeHallCDT]

I refuse to answer Berin's "show of hands" questions

18:46:20 [JoeHallCDT]

I do not want Berin to track me

18:46:50 [wseltzer]

[many Californians vote to bind themselves collectively to things they don't do individually]

18:47:57 [npdoty]

important that we have people asking different types of questions

18:48:07 [MarkL]

MarkL has joined #privacy

18:48:11 [wseltzer]

Berin_Szoka: surveys are a poor way of answering fundamental questions

18:48:43 [wseltzer]

... answer in the marketplace is better than that given by surveys

18:49:45 [wseltzer]

... paradox of "choice architecture" is that tools are not neutral

18:50:26 [wseltzer]

... any time you're creating choices for users, you're influencing the choice

18:50:30 [ShaneWiley]

ShaneWiley has joined #privacy

18:52:03 [npdoty]

I think the DNT architecture also works well for the type of solution Jim Brock had suggested (or for that matter the CMU guys pointed out in their paper)

18:52:39 [npdoty]

... you could configure your browser to send DNT signals based on some system or list, if that's what you want

18:52:40 [JoeHallCDT]

npdoty, expand (offline if necessary)

18:52:44 [wseltzer]

... Opt-in dystopias, Lunblad & Masiello

18:52:53 [JoeHallCDT]

ah

18:53:09 [wseltzer]

[http://www.law.ed.ac.uk/ahrc/script-ed/vol7-1/lundblad.asp]

18:53:24 [wseltzer]

s/Lunblad/Lundblad/

18:54:51 [rigo]

rigo has joined #privacy

18:55:08 [wseltzer]

... How would you design an experiment to figure out what users really want?

18:55:47 [wseltzer]

... Coase, Demsetz

18:56:32 [npdoty]

the libertarian paternalist point, we should initially allocate things efficiently -- am I getting that right?

18:56:52 [JoeHallCDT]

npdoty, not inefficiently

18:57:01 [wseltzer]

[but then there are information-forcing rules, other values]

18:57:16 [wseltzer]

[and public goods problems]

18:57:31 [JoeHallCDT]

I have a hard time considering any suffering in a voluntary standard

18:57:48 [wseltzer]

Berin_Szoka: Don't presume to know what users would actually choose

18:59:09 [npdoty]

I'm trying to understand the point, is it that users wouldn't choose a market system that had a particular opt-out/opt-in system with outcomes they wouldn't like?

18:59:46 [wseltzer]

DavidWainberg: Is Blase's educational video available?

18:59:51 [wseltzer]

Blase_Ur: from the WSJ

19:00:35 [JoeHallCDT]

npdoty, I think it's more about that the initial configuration of these kinds of tools will be what people use

19:00:35 [wseltzer]

DavidWainberg: How can we use this information to develop new and better ways to communicate with users?

19:00:48 [npdoty]

http://cups.cs.cmu.edu/

19:00:50 [wseltzer]

Pedro_Leon: Our papers, http://cups.cs.cmu.edu/

19:01:08 [wseltzer]

... work has identified gaps and misunderstandings, so look to fill those holes.

19:01:22 [JoeHallCDT]

npdoty, I'd encourage you to ask Berin to restate that, maybe less in terms of Law and Econ

19:02:25 [JoeHallCDT]

and I take it "frictionless" is more than just asymmetry of information

19:02:32 [wseltzer]

... cognitive biases, challenges are even worse when users are poorly informed about the choices / practices

19:03:48 [JoeHallCDT]

Berin is making a good case for regulation

19:03:58 [wseltzer]

Berin_Szoka: people are ignorant of the vast majority of things in life. Why should they know about privacy?

19:04:56 [npdoty]

Pedro's point is that we would need more information if users are going to make good decisions

19:05:54 [wseltzer]

Blase_Ur: there are opportunities for companies to compete on privacy

19:06:08 [npdoty]

from Blase (picking up on Berin), the expectation that someone is looking out for me

19:07:15 [rigo]

wseltzer: CMU says lack of understanding, have done little work on feedback loops to help people understand

19:08:06 [wseltzer]

Shane_Wiley: Do you also look at the concept of harm? What happens to users when they feel their privacy isn't being respected?

19:08:33 [aleecia]

Interestingly, users talk about privacy rights rather than privacy harms.

19:08:33 [ShaneWiley]

ShaneWiley has joined #privacy

19:08:35 [wseltzer]

Chris_Mejia: How big are the chicken cages?

19:11:18 [dsinger]

q?

19:11:33 [Zakim]

Zakim has joined #privacy

19:11:47 [wseltzer]

Pedro_Leon: Feedback is important to show users the status of the system, the impact of their actions

19:11:51 [Peter]

Peter has joined #privacy

19:12:33 [wseltzer]

... so one important element of feedback would be an indicator of status, ad-blockers show ing the number of elements blocked

19:13:06 [wseltzer]

Max_Kilger: Context question, harm question

19:13:48 [tl]

tl has joined #privacy

19:13:57 [rvaneijk]

* does Zakim have a memory beyond the irc-logs?

19:14:05 [wseltzer]

... harm is an educational experience, but doesn't seem to deter

19:14:32 [wseltzer]

Pedro_Leon: concerns about "being followed"

19:14:57 [rigo]

context? what context?

19:15:06 [rigo]

:-/

19:15:34 [npdoty]

I thought maybe Shane's point was that we both see differences in choices/preferences and differences in potential implications/harms among the public

19:16:05 [wseltzer]

... multiple users of the same computer

19:16:57 [npdoty]

I've seen that in location privacy that there are strongly different preferences that are sometimes tied to past experiences (having had a stalker, for example)

19:17:04 [wseltzer]

Blase_Ur: We want to support users. If users want "privacy,"

19:17:18 [aleecia_]

aleecia_ has joined #privacy

19:17:25 [wseltzer]

... Feedback: is it on or off; opportunity for dialog

19:18:03 [wseltzer]

Berin_Szoka: fear that advertising is bad; economic literature says advertising benefits consumers and new entry to markets

19:18:15 [npdoty]

an interesting analogy from Blase, some preferences are innate, that I don't necessarily explain why I don't like chocolate

19:19:55 [wseltzer]

rrsagent, make minutes

19:19:55 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html wseltzer

19:20:58 [JoeHallCDT]

JoeHallCDT has joined #privacy

19:21:05 [wseltzer]

i/scribenick: wseltzer / Day 2

19:27:28 [wseltzer]

npdoty: Some of the papers presented technical measures as an alternative to Do-Not-Track signal

19:27:46 [wseltzer]

MikePerry: Tor Project is a 501(c)(3) non-profit

19:28:04 [wseltzer]

... core purpose is to provide an anonymity and censorship-resistant network

19:28:21 [wseltzer]

... core network and source code just celebrated 10 years

19:28:42 [wseltzer]

... I started working on the project with a Firefox extension, TorButton

19:29:09 [wseltzer]

... Tor's thinking has now shifted from a toggle to a dedicated browser

19:29:18 [wseltzer]

... that changes what privacy properties we can provide.

19:29:49 [wseltzer]

... Tor now provides its own downloadable browser bundle

19:30:12 [wseltzer]

[https://www.torproject.org/download/download-easy.html.en]

19:30:31 [wseltzer]

... Three technical changes could provide DNT from the browser-side

19:30:44 [wseltzer]

... First-party identifier unlinkability

19:30:56 [johnsimpson]

johnsimpson has joined #privacy

19:31:03 [wseltzer]

... first-party IP address unlinkability, 1st-pty fingerprinting unlinkability

19:31:57 [wseltzer]

... Goal, simplify interfaces to let users contextualize relationships

19:32:40 [wseltzer]

... mock UI: let all your identifier storage be represented by an icon per domain, show options below,

19:32:58 [wseltzer]

... e.g. site permissions, data and history, tracking

19:33:12 [wseltzer]

... silo all the data to its first party

19:34:01 [Frank]

Frank has joined #privacy

19:34:40 [wseltzer]

... Identifier unlinkability. jail/silo identifier sources to 1st pty dommain

19:34:59 [Arnaud]

Arnaud has joined #privacy

19:35:04 [wseltzer]

... disable or limit features that aren't siloed

19:36:48 [wseltzer]

... double-key cookies, to both 1st and 3d party where it appears

19:37:14 [wseltzer]

[Mike's Tor Project paper: http://www.w3.org/2012/dnt-ws/position-papers/21.pdf]

19:38:45 [wseltzer]

... prompt before cross-domain redirects so change of first-party is transparent

19:39:35 [wseltzer]

... IP address unlinkability, Tor can provide

19:40:20 [wseltzer]

... use SOCKS username as first-party domain to isolate streams

19:40:27 [Mark_Lizar]

Mark_Lizar has joined #privacy

19:41:05 [wseltzer]

... modularize, so proxies can provide stream unlinkability

19:42:16 [wseltzer]

... recognize we can't make browsers indistinguishable across different products, but could make indistinguishable sets among a given browser's users

19:42:49 [Mark_Lizar]

I like the report OS as windows :-)

19:43:18 [aleecia_]

aleecia_ has joined #privacy

19:43:39 [jeff]

jeff has joined #privacy

19:43:50 [wseltzer]

... fingerprinting defenses include disabling plugins, reporting a fixed set of window sizes, many more

19:44:21 [wseltzer]

... new HTML5 features need evaluation

19:44:32 [wseltzer]

... create a uniform font pack for browsers?

19:44:56 [wseltzer]

... what about Like buttons?

19:45:06 [tlr]

tlr has joined #privacy

19:45:18 [wseltzer]

... Google's web-send.org privacy-preserving link-sharing

19:45:54 [wseltzer]

... W3C draft, but no longer exists in Chrome

19:48:36 [wseltzer]

... browser-side tracking, open source, could provide targeting without server-side tracking

19:48:48 [wseltzer]

... help the long-tail survive

19:49:06 [wseltzer]

Chris_Mejia: How would advertisers protect against fraud?

19:49:46 [Blase]

Blase has joined #privacy

19:51:14 [wseltzer]

DavidWainberg: Huge benefit of Internet advertising is measurability. How can you account for that?

19:52:05 [wseltzer]

MeMe_Rasmussen: How are you dealing with third-party service providers?

19:52:17 [wseltzer]

... e.g. site optimization analytics

19:52:51 [wseltzer]

MikePerry: currently disabled. but dual-keyed cookies could allow them to work per-domain

19:53:38 [wseltzer]

Shane_Wiley: What do you do with user-agent string? Is it known that the user is using Tor?

19:54:04 [wseltzer]

MikePerry: The list of Tor exit nodes is public, easy to identify Tor users (and block, if you choose).

19:54:44 [wseltzer]

... OS/UA question is harder. We report Windows, but trying to obscure from fingerprinting is a deep rabbithole.

19:55:13 [wseltzer]

Shane_Wiley: So if a content provider were to decide to block Tor, would you attempt to override that?

19:55:31 [wseltzer]

MikePerry: We make no attempt to circumvent providers' blocks.

19:55:55 [wseltzer]

Rigo: I'm a regular Tor user

19:56:27 [wseltzer]

Rigo: On measurement, have you worked with anonymous credentials to allow proof without identification?

19:56:58 [wseltzer]

MikePerry: We've been thinking of proof-of-work mechanisms, Nymble

19:58:11 [wseltzer]

... invite help!

19:59:23 [wseltzer]

@@: GetCocoon is ad supported, give user tools to set privacy level

20:00:16 [wseltzer]

nweaver: ICSI presenting http://priv3.icsi.berkeley.edu/

20:00:48 [wseltzer]

... work with Mohan Dhawan, Christian Kreibich

20:01:15 [wseltzer]

... why should I have to rely on the trackers to stop being creepy, wnen we can build protections into the browser?

20:01:36 [wseltzer]

... Safari, "allow on previous interaction" makes sense as a cookie policy

20:03:17 [wseltzer]

... Challenge of multi-function trackers. trackers that also provide information on popularity, comments/feedback on products

20:03:32 [wseltzer]

... simply blocking them disrupts user experience.

20:04:01 [wseltzer]

... Google and Facebook are tracking; their business is collecting user data and selling ads.

20:04:45 [wseltzer]

... shows a "Like" button on "Genital Herpes" page. I don't want FB to know if I'm reading it.

20:05:16 [wseltzer]

... Priv3 tool designed to work with big 4: Google, Facebook, Twitter, LinkedIn. Goal to capture user intent.

20:05:37 [wseltzer]

... show the elements as un-logged-in until the user clicks.

20:07:41 [wseltzer]

[demo]

20:09:17 [wseltzer]

... I focus on self-help in the browser because I don't think I'll ever agree with NAI on whether it's OK to track me

20:09:48 [wseltzer]

... what happens if trackers decide to sell data to credit bureaus, get subpoenaed

20:10:33 [wseltzer]

... Story: I started to do some research on guns. Signed up for web forums

20:10:55 [wseltzer]

... with email address. a few weeks later, I got physical mail at work inviting me to join the NRA.

20:12:25 [wseltzer]

npdoty: @@

20:13:16 [wseltzer]

MikePerry: With enough engineering effort, we can make these tools usable and functional

20:13:51 [wseltzer]

nweaver: we started with the Like button because we wanted to show that hard cases can be addressed with minimal disruption.

20:14:15 [wseltzer]

... on a click of the like button, just refresh the widget

20:14:53 [wseltzer]

npdoty: self-help in the browser is distinct from the cooperative approach, doesn't require agreement of the server

20:15:11 [wseltzer]

s/@@/Can browser self-help match current functionality?/

20:15:54 [wseltzer]

Craig_Spiezle: Online Trust Alliance @@

20:18:01 [wseltzer]

Deirdre_Mulligan: Security was once not a part of IETF consideration, now it's fully integrated. We don't say "that's policy". Do you see that happening in privacy?

20:18:57 [wseltzer]

nweaver: As a field, we've horribly violated the do-no-harm principle. Since tech has created a problem, it should help solve it (though we also require policy elsewhere)

20:20:10 [wseltzer]

... I like the Safari cookie policy, because it's tech backed by FTC enforcement

20:22:03 [Frank]

Frank has joined #privacy

20:22:15 [wseltzer]

Jan: Can DNT and browser-enforcement go together?

20:24:20 [nweaver]

nweaver has joined #privacy

20:24:30 [wseltzer]

JoeHallCDT: At CDT, we thought about a few version of "beyond"

20:24:40 [nweaver]

is there any RESPONSE to DNT that says "yes I at least theoretically respect it?"

20:25:14 [wseltzer]

... e.g. mobile apps, iOS 6.1 centralizes ad tracking preference

20:26:02 [wseltzer]

... other platform-level tracking preference expression

20:26:51 [wseltzer]

... Apple, documentation for limit ad-tracking preference has a number of exceptions, hard for me to understand how the exceptions are policed.

20:27:00 [tl]

tl has left #privacy

20:27:17 [nweaver]

To answer my own question, its OPTIONAL.

20:27:33 [nweaver]

So I can't rely on DNT even assuming an honest server

20:28:04 [wseltzer]

... What happens when tracking gets even more complex? HTML5

20:28:37 [nweaver]

Since I don't have a feedback mechanism that guarantees that the server accommodates it, thus self-help needs to be client-only even if DNT is widely but not universally accepted.

20:28:42 [nweaver]

and clients are honest

20:29:08 [wseltzer]

... Consider just-in-time notifications

20:30:14 [wseltzer]

... Support PING's work to do cross-WG review of privacy implications

20:31:05 [wseltzer]

LUNCH BREAK

20:32:05 [JoeHallCDT]

JoeHallCDT has joined #privacy

21:00:55 [aleecia_]

aleecia_ has joined #privacy

21:19:44 [Zakim]

Zakim has left #privacy

21:26:41 [JoeHallCDT]

zakim! come back!

21:32:03 [johnsimpson]

johnsimpson has joined #privacy

21:32:13 [johnsimpson]

test

21:33:17 [nweaver]

nweaver has joined #privacy

21:33:55 [npdoty]

npdoty has joined #privacy

21:34:01 [jeff]

jeff has joined #privacy

21:34:16 [JoeHallCDT]

check 1-2

21:34:32 [JoeHallCDT]

I'm doing it

21:34:41 [npdoty]

rrsagent, pointer?

21:34:41 [RRSAgent]

See http://www.w3.org/2012/11/27-privacy-irc#T21-34-41

21:34:55 [Zakim]

Zakim has joined #privacy

21:35:10 [npdoty]

scribenick: JoeHallCDT

21:35:25 [npdoty]

Topic: Mechanisms for Transparency

21:35:42 [JoeHallCDT]

JanS: moving to future oriented topics

21:35:46 [JoeHallCDT]

… this one is about transparency

21:36:08 [npdoty]

some potential inputs into future development

21:36:09 [JoeHallCDT]

… we will start with the remainder of the preso. from Pedro (CMU)

21:36:29 [JoeHallCDT]

… will move on to Mark (Open Notice)

21:36:40 [JoeHallCDT]

… then another Mark (IBM)

21:37:01 [JoeHallCDT]

Pedro_Leon: studies about OBA privacy disclosures

21:37:08 [JoeHallCDT]

… online study, N=1500

21:37:21 [JoeHallCDT]

… this is about the "AdChoices" disclosures in ads

21:37:28 [JoeHallCDT]

… and what they know from corresponding opt-out pages

21:37:38 [JoeHallCDT]

… did they notice the disclosure and what is the message being conveyed

21:37:48 [rigo]

rigo has joined #privacy

21:37:58 [JoeHallCDT]

… started by showing a simulated version of the NYT page

21:38:09 [erikn]

erikn has joined #privacy

21:38:24 [JoeHallCDT]

… tested "why did I get this ad" and "adchoices"

21:38:50 [JoeHallCDT]

… first tested to see if they noticed, then alerted them to the disclosures

21:39:00 [JoeHallCDT]

… asked some questions about what the user thinks it could do

21:39:10 [JoeHallCDT]

… two icons, and seven taglines

21:39:54 [JoeHallCDT]

… some taglines were blank or meaningless

21:40:04 [JoeHallCDT]

… results: OBA disclosures were not noticed

21:40:19 [JoeHallCDT]

… purpose was misunderstood

21:40:44 [JoeHallCDT]

… with "AdChoices" people thought it was to purchase ads on that site

21:40:56 [JoeHallCDT]

… two taglines they made up were better at communicating OBA disclosure

21:41:17 [JoeHallCDT]

… users were wary or afraid to click on these icons, regarless of icon/taglines

21:42:09 [JoeHallCDT]

… 63% thought that "Stop advertising companies form collecting information about your browsing activities." was true

21:42:25 [JoeHallCDT]

… recommendations [too fast to scribe]

21:42:44 [npdoty]

npdoty has joined #privacy

21:43:02 [npdoty]

http://www.cylab.cmu.edu/research/techreports/2012/tr_cylab12008.html

21:43:15 [JoeHallCDT]

Shane_Wiley: does it seem that this has changed in the past year?

21:43:25 [JoeHallCDT]

… where should it be today, 2 years from now, 5 years?

21:43:40 [JoeHallCDT]

Pedro_Leon: don't think the icons themselves are enough for education

21:43:47 [JoeHallCDT]

… maybe enough to exercise their choices

21:44:03 [JoeHallCDT]

… am aware that the DAA campaign launched recently will aim to educate users

21:44:11 [JoeHallCDT]

… that is a good thing to do

21:44:21 [JoeHallCDT]

… whatever the tagline is, it is hard to communicate a clear message

21:44:46 [JoeHallCDT]

… not surprised our two made-up taglines performed better.

21:44:52 [JoeHallCDT]

… than "AdChoices"

21:45:09 [JoeHallCDT]

Chris_Mejia: we have served billions of those impressions

21:45:20 [JoeHallCDT]

… impressions of the educational campaign

21:45:27 [JoeHallCDT]

… full-display ads

21:45:51 [JoeHallCDT]

… <joke> you may have not seen it because we're targeting people that don't know what it is </joke>

21:46:07 [JoeHallCDT]

… don't create a brand overnight… difficult endeavor… long arc

21:46:21 [JoeHallCDT]

… easy in the early days of brand establishment for people to say, "It's not working"

21:46:51 [JoeHallCDT]

… it's sort of the tortoise and the hare analogy… the brand eventually wins because it is seen over and over and over again

21:46:58 [JoeHallCDT]

… and people eventually will see that

21:47:15 [JoeHallCDT]

… we're just rolling out the brand campaign… at trillions of impressions for the icon

21:47:24 [JoeHallCDT]

… would appreciate any help in educating users

21:47:35 [Frank]

Frank has joined #privacy

21:47:45 [JoeHallCDT]

Pedro_Leon: we want to repeat these experiments to measure effectiveness of the campaign

21:47:58 [JoeHallCDT]

… following a more systematic approach with users is probably more helpful

21:48:10 [JoeHallCDT]

… doing research like they do at CMU could help

21:48:21 [JoeHallCDT]

Chris_Mejia: the design was very thorough

21:48:34 [JoeHallCDT]

… we'll have to give this a chance to see if it sticks with users

21:48:49 [JoeHallCDT]

… better to stick with this than changing the icon/tagline at this early stage

21:49:34 [JoeHallCDT]

JanS: next session will be videotaped… any objections

21:50:06 [Arnaud]

Arnaud has joined #privacy

21:50:06 [JoeHallCDT]

Thomas_R: fine with video of the talk, cut off discussion

21:50:17 [JoeHallCDT]

s/cutt off/cut off at/

21:50:26 [JoeHallCDT]

s/cut off/cut off at?

21:50:27 [npdoty]

agree to video record this talk, but not the group discussion.

21:50:28 [JoeHallCDT]

shit

21:50:32 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html wseltzer

21:50:34 [npdoty]

s/shit//

21:50:35 [Blase]

Blase has joined #privacy

21:50:39 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html wseltzer

21:50:48 [wseltzer]

16:42 < wseltzer> Suggestions for the wrap-up:

21:50:57 [wseltzer]

s/16:42 < wseltzer> Suggestions for the wrap-up://

21:51:03 [JoeHallCDT]

Mark_Lizar: Presenting on Open Notice

21:51:23 [JoeHallCDT]

… currently notices are not open… no backise structure, written ad hoc, not localized

21:51:37 [JoeHallCDT]

… what does this have to do with DNT… users need to understand what DNT means

21:51:55 [JoeHallCDT]

… because notice is not standardized, this limits choices people have

21:52:04 [JoeHallCDT]

… open and notice are specifically selected...

21:52:09 [JoeHallCDT]

… open refers to transparency

21:52:10 [npdoty]

lack of interoperability limits all of these efforts

21:52:22 [JoeHallCDT]

… notice is common term in regulation

21:52:28 [JoeHallCDT]

… consent is not possible w/o notice

21:52:38 [JoeHallCDT]

… together they enable transparency and better choices

21:53:08 [JoeHallCDT]

… the biggest lie on the web: "I Agree", "opt-in"… despite not having read the terms

21:53:15 [JoeHallCDT]

… today I bought Nick a present

21:53:29 [JoeHallCDT]

… because I'm from Canada, had to read the 1974 Prviacy Act

21:53:38 [JoeHallCDT]

… and a ton of other privacy policies

21:53:50 [JoeHallCDT]

… I needed to figure out if they conflict… would need to call my lawyer

21:53:57 [JoeHallCDT]

… can't use these in e-commerce

21:54:10 [JoeHallCDT]

… closed notice prevents new markets in choice

21:54:30 [JoeHallCDT]

… open notice is collaborative approach to align social, legal and technical elements

21:54:42 [JoeHallCDT]

… [didn't get that last bit, guy is fast]

21:54:54 [JoeHallCDT]

… [cant' read the screen]

21:55:04 [JoeHallCDT]

s/cant'/can't/

21:55:27 [JoeHallCDT]

… not only is openness a privacy principle, but guides the groups creating these elements

21:55:48 [JoeHallCDT]

… wants Jim from Privacy Choice to share their API

21:55:59 [JoeHallCDT]

… next: want to help more projects find and talk to each other

21:56:03 [JoeHallCDT]

… facilitate collaboration

21:56:13 [JoeHallCDT]

… enumerate challenges

21:56:24 [JoeHallCDT]

[not as scribe: not sure what this actually is]

21:57:04 [JoeHallCDT]

JanS: can we see more about a few of the projects involved in the effort?

21:57:24 [JoeHallCDT]

… how can w3c support the interoperability of these kinds of groups and if w3c is a place to do that.

21:57:41 [JoeHallCDT]

… initial charter of TPWG included another element, maybe this could fit there?

21:58:04 [JoeHallCDT]

Mark_Lizar: shows tos-dr.info

21:58:17 [JoeHallCDT]

… for "terms of service; didn't read"

21:58:21 [JoeHallCDT]

… recently funded

21:58:33 [JoeHallCDT]

… uses collaborative approach to simplifying TOS

21:58:45 [JoeHallCDT]

… icons are aribtrary, don't know what they mean out of context

21:58:57 [JoeHallCDT]

s/aribtrary/arbitrary/

21:59:33 [JoeHallCDT]

[Apple Guy]: is the goal to replace TOS with schematized terms? or a synposis that is standardized?

22:00:03 [JoeHallCDT]

Mark_Lizar: there's usually a checkbox… people don't tend to read them… the idea here is to put an icon beside that for informing users.

22:00:17 [JoeHallCDT]

… don't want to replace the TOS, but make it more richer

22:00:48 [JoeHallCDT]

npdoty: most of the icon projects are not trying to replace privacy policies, but make them more like summaries

22:01:04 [JoeHallCDT]

JanS: Ashkan's preso. can inform

22:01:14 [erikn]

s/Apple Guy/erikn :)

22:01:34 [JoeHallCDT]

Nokia_Guy: We checked tos;dr against Nokia's policy and found that it was largely incorrect

22:02:07 [JoeHallCDT]

Ashkan: Wants to echo this stuff and summarize the work to date on this

22:02:14 [JoeHallCDT]

… great opportunity for potential standardization.

22:02:20 [erikn]

s/Nokia_Guy/Frank Dawson

22:02:32 [JoeHallCDT]

… We're talking about taking notice that people don't read, and turn them into short notice

22:02:57 [JoeHallCDT]

… take a practice and convert it to notice and short notice and make it undestandable by consumers

22:03:14 [JoeHallCDT]

… capture > encode > display > enforce

22:03:35 [JoeHallCDT]

… capture by locating policy, archiving it, and tracking changes

22:03:48 [JoeHallCDT]

… encode it by determining facets, verify results

22:04:09 [JoeHallCDT]

… display by providing an api, create icons, present to user

22:04:20 [JoeHallCDT]

… enforce, regulate (or not) as necessary

22:04:42 [JoeHallCDT]

… when privacy policies don't match short notice, regulators have been reluctant to enforce short notice as binding obligation

22:05:05 [JoeHallCDT]

… in 2009, we did work at the I school at Berkeley and cataloged consumer complaints… with Travis Pinnike

22:05:13 [JoeHallCDT]

s/Pinnike/Pinnick/

22:05:31 [JoeHallCDT]

… took a snapshot of privacy policies in time and encoded the policies based on these facets

22:05:42 [JoeHallCDT]

… sent our analysis to companies and got good corrections back

22:05:51 [Pleon]

Pleon has joined #privacy

22:05:59 [JoeHallCDT]

… things change over time, lots of devils in the details… very hard for a manual process

22:06:17 [JoeHallCDT]

… P3P was an early version of trying to determing what facets people care about and providing machin-readbility

22:06:31 [JoeHallCDT]

… [shows big screen of similar efforts]

22:06:42 [JoeHallCDT]

… in 2012, we've seen about 10 or so different organizations try to do this

22:07:17 [JoeHallCDT]

… these are short lived efforts for a variety of reasons

22:07:25 [JoeHallCDT]

… this is an opportunity to standardize these efforts

22:07:45 [JoeHallCDT]

… bring together people with interests here and start a standardized language for these facets

22:08:28 [JoeHallCDT]

JanS: looking at the timeline graph… when I started a recent job, I was worried more about enforcement

22:08:52 [JoeHallCDT]

… there could be technical enforcement; practices differ so much that this is very hard

22:09:21 [JoeHallCDT]

Ashkan: with p3p, we've had cases where people would circumvent these kinds of mechanisms

22:09:43 [JoeHallCDT]

… we've not yet seen a regulator go after that… because these are not statements made to consumers, but their UA.

22:10:21 [JoeHallCDT]

Frederik_Borgesuis: I've been skeptical, as I have no idea sometimes what the heck is in a privacy policy.

22:10:51 [JoeHallCDT]

… is there a way to make categories and ask companies to write policies that address those?

22:10:59 [JoeHallCDT]

Deirdre: that's what p3p did!

22:11:25 [JoeHallCDT]

Ashkan: there's simply no incentive for companies to do this… when we did KnowPrivacy, it was the threat of publicity

22:11:54 [JoeHallCDT]

Shane_Wiley: I was a reviewer of one of these are part of the program committee.

22:12:05 [JoeHallCDT]

… agree with p3p comment, disagree that there are no incentives.

22:12:14 [JoeHallCDT]

… there was some value in IE with the privacy slider

22:12:31 [JoeHallCDT]

… about visualization: p3p was a great way of doing it in a slider

22:12:42 [JoeHallCDT]

… your goal is trying to get closer to user understanding, right?

22:12:54 [JoeHallCDT]

Ashkan: I thought p3p was attempting to do that…

22:13:12 [JoeHallCDT]

… use as a configurer of a UA, could tell it to follow a set of rules based on what you want

22:13:23 [JoeHallCDT]

… there was some work, in privacy bird

22:13:24 [JoeHallCDT]

?

22:13:36 [JoeHallCDT]

… APEL (?) was the preference language

22:14:04 [JoeHallCDT]

Rigo: p3p was 2003, not 2006… but only 2003 was a w3c Rec

22:14:09 [JoeHallCDT]

… p3p remains misunderstood

22:14:30 [JoeHallCDT]

… the browsers killed p3p as they never did anything useful with it

22:14:43 [JoeHallCDT]

… many sites had policies but browsers didn't use it

22:15:05 [JoeHallCDT]

… browsers were on their road for blocking tools… p3p is just a teethless tiger

22:15:09 [rvaneijk]

s/2003/2002/

22:15:43 [JoeHallCDT]

… if you look at Rigo's paper, you'll see that out of the primelife research, researchers never came out with a compliment

22:15:49 [JoeHallCDT]

… to the p3p statement vocabulary

22:16:08 [JoeHallCDT]

… there is a lot of hidden information exchange… uncertainty

22:16:19 [JoeHallCDT]

… there is some way to tell people what you're actually doing

22:16:41 [JoeHallCDT]

… the fresh take on p3p means we throw away the data description but keep the categories

22:16:41 [rvaneijk]

s/APEL/APPEL, a P3P preference exchange language/

22:17:08 [JoeHallCDT]

Mark_Lizar: There is a lot of room for the p3p work to evolve

22:17:09 [tlr]

tlr has joined #privacy

22:17:19 [JoeHallCDT]

… with the lack of accountability, there are issues

22:17:31 [JoeHallCDT]

… in EU, new Regulation will drive a lot of this

22:17:41 [JoeHallCDT]

… in the US, NSTIC is requiring govt. to have good notice

22:17:54 [JoeHallCDT]

… emerging efforts will provide ...

22:18:06 [JoeHallCDT]

Alex_Fowler: we're thinking a lot about mobile

22:18:37 [JoeHallCDT]

… our approach to privacy policies is to "we're not going to make major investments to re-writing our PP for desktop, let's start with mobile and go back"

22:18:49 [JoeHallCDT]

… the opportunity for inovation is in these new areas

22:18:59 [JoeHallCDT]

… Mozilla Marketplace for HTML5 apps

22:19:10 [JoeHallCDT]

… require a PP, just like many app platforms

22:19:22 [JoeHallCDT]

… building in a series of icons to differentiate search results in the store

22:19:34 [JoeHallCDT]

… these apps have e2e security, these are ad-supported

22:19:56 [JoeHallCDT]

… we really haven't talked about mobile at all [I did!]

22:20:16 [JoeHallCDT]

Ashkan: I agree… ACT is going to have a set of icons… lots of work in mobile

22:20:32 [JoeHallCDT]

… Mozilla has icons, Android has permissions manifest

22:20:47 [JoeHallCDT]

… Apple had location but has additional axes, photos, contacts

22:20:55 [JoeHallCDT]

… every organization is rolling their own

22:21:06 [JoeHallCDT]

… in first rev. they didn't have contacts… but revised that

22:21:14 [JoeHallCDT]

… now they include contacts access

22:21:30 [JoeHallCDT]

… without a standard, there will be tons of conflicting efforts

22:21:59 [JoeHallCDT]

Mark_Lizar: it's a standard that there is an opt-in/opt-out button to get consent

22:22:09 [JoeHallCDT]

… to evolve that global infrastructure is important

22:22:58 [nweaver]

nweaver has joined #privacy

22:22:59 [JoeHallCDT]

[missing this]

22:23:02 [nweaver]

why i'm skeptical of icons in a single image: http://farm3.static.flickr.com/2209/2233856221_99cf6cdf8b.jpg

22:23:20 [JoeHallCDT]

Berin_Szoka: I'm one of the bigger naysayers and I love this, you're doing something right!

22:23:42 [JoeHallCDT]

… comment: on enforcement, as to why FTC hasn't taken action

22:23:56 [JoeHallCDT]

… whatever the reason for that, that will become moot if you get wide adoption

22:24:23 [JoeHallCDT]

… [berin recites the last element of FTC deception authority about harming users]

22:24:49 [JoeHallCDT]

… as long as you have some group of users for which a deception is material, that is the hook

22:25:04 [JoeHallCDT]

… How would you related your concept to Cass Sunstein's idea of smart disclosure?

22:25:29 [JoeHallCDT]

… how do you see structured disclosure used for forms that allow for innovation in disclosures formats

22:25:51 [JoeHallCDT]

… and what about choice by proxies for users?

22:26:04 [rigo]

rigo has joined #privacy

22:26:29 [JoeHallCDT]

Ashkan: p3p was designed as a slider for a browser...

22:26:39 [JoeHallCDT]

Deirdre: and you could import preferences established by another org

22:26:54 [JoeHallCDT]

Ashkan: you need incentives and enforcement.

22:27:04 [JoeHallCDT]

… you need the entire ecosystem for it to function

22:27:17 [JoeHallCDT]

… browsers may not be capturing user sentiment

22:27:50 [JoeHallCDT]

… with an interoperable, standardized [thing] you could get this ecosystem to a point where notice is meaningful and widely adopted

22:28:09 [JoeHallCDT]

Mark_Lizar: you can create much more rich notices… right now they are flat, non-interactive

22:28:22 [JoeHallCDT]

… a lot of these things can evolve if the ecosystem existed

22:28:35 [JoeHallCDT]

Deirdre_Mulligan: This is DNT and Behind

22:28:47 [JoeHallCDT]

… I did the first FTC preso on p3p with TBL many years ago

22:28:59 [JoeHallCDT]

… prescriptive rather tan descriptive vocab.

22:29:32 [JoeHallCDT]

… it also was going to have an automated mech. for populating fields so that those respective privacy beliefs

22:29:41 [JoeHallCDT]

… stripped out by other privacy advos

22:30:00 [JoeHallCDT]

… workshop at AOL in 2002 with regulators, EU, inside/outside councils..

22:30:14 [JoeHallCDT]

… went over all of this stuff… please go read those remarks

22:30:35 [JoeHallCDT]

… when p3p has been trashed as a failure… p3p was one of the first metadata standards

22:30:45 [JoeHallCDT]

… w3c should go look at p3p

22:30:54 [JoeHallCDT]

… think about security breach notification laws

22:31:06 [JoeHallCDT]

… no one wanted to do those things (encryption, notice on breach)

22:31:24 [JoeHallCDT]

… w3c should seize the fact that it was way beyond it's time

22:31:39 [JoeHallCDT]

… for those that think DNT is too binary… "Duh! no joke"

22:31:44 [JoeHallCDT]

… go look at p3p, yp

22:31:46 [yrlesru]

yrlesru has joined #privacy

22:31:49 [JoeHallCDT]

s/yp/yo.

22:32:10 [aleecia_]

Alex: "Come back to us, Deirdre"

22:32:10 [JoeHallCDT]

Frank_Dawson: any idea of how many of these support layered notice?

22:32:14 [aleecia_]

+1 to Alex!

22:32:19 [JoeHallCDT]

Ashkan: definitely glossed over this

22:33:21 [JoeHallCDT]

Joanne_Birch: comment and a response to Frank

22:33:33 [JoeHallCDT]

… we've been actively working with layered notice on desktop and mobile

22:33:53 [JoeHallCDT]

… we have examples of these on our website

22:34:08 [npdoty]

s/Birch/Furtsch/

22:34:10 [JoeHallCDT]

David_Wainberg: there is tremendous pressure to be really comprehensive in their privacy disclosure

22:34:33 [JoeHallCDT]

… it's extremely difficult to boil these down to short, concise statements

22:34:46 [JoeHallCDT]

… that's what I've heard about p3p… can't fit it into these tokens

22:34:55 [JoeHallCDT]

Deirdre: it's because they want to say, "Maybe"

22:35:00 [wseltzer]

Deirdre++

22:35:09 [JoeHallCDT]

David_Wainberg: there's not a lot of support documentation

22:35:16 [JoeHallCDT]

[there's an O'Reilly book!]

22:35:25 [JoeHallCDT]

… people have struggled to do this

22:35:29 [npdoty]

I believe the Privacy Choice project is attempting to tie the short notices back to the relevant text in the existing long form policy

22:35:43 [JoeHallCDT]

… to make something like this work, it's going to have to make sense to attys. working in companies.

22:36:09 [JoeHallCDT]

… and the thing needs to be fashioned in a way that lawyers can feel comfortable that this won't [bite them in the ass]

22:37:12 [JoeHallCDT]

Mark_Frigon: Want to talk about standardization around data analytics

22:37:27 [JoeHallCDT]

… software deployment increasingly depends on analytics

22:37:39 [JoeHallCDT]

… concerns that "people are tracking everything"

22:37:52 [JoeHallCDT]

… a lot of that is true, some of that is sw deployment changes

22:38:40 [JoeHallCDT]

… more parties providing direct sevices to your customers and require direct tracking

22:38:53 [BerinSzoka]

BerinSzoka has joined #privacy

22:39:25 [JoeHallCDT]

… each vendor is going to transcribe different data into different "domains" (data vocabs)

22:39:32 [JoeHallCDT]

… not currently structured

22:39:40 [JoeHallCDT]

… lots of tag-managment solutions

22:39:51 [JoeHallCDT]

… do mapping of ontologies from customers vendors, etc.

22:40:05 [JoeHallCDT]

… ESPN's home page alone has 35 different parties tracking

22:40:16 [JoeHallCDT]

… WSJ says avg. website has 64 trackers

22:40:34 [JoeHallCDT]

… many website operators don't even know all the tracking tech. that powers their stuff

22:40:40 [JoeHallCDT]

… have to do audits with companies like Evidon

22:40:55 [npdoty]

http://www.w3.org/Submission/2012/04/

22:41:01 [JoeHallCDT]

… what IBM has drafted and submitted to w3c is a standard data model for customer experience

22:41:10 [JoeHallCDT]

… think of this as a JSON or JS object

22:41:16 [npdoty]

or rather, http://www.w3.org/Submission/2012/SUBM-cedda1-20120917/

22:42:04 [JoeHallCDT]

… this can open up a new standard from which to manage and think about privacy

22:42:31 [JoeHallCDT]

… now we have a client transcribing its' own data objects into the standard

22:42:44 [JoeHallCDT]

… now it is a common object that can be read/write to

22:42:53 [JoeHallCDT]

… some open questions:

22:43:02 [JoeHallCDT]

… if you have PII in a "visitor" object.. where to store that?

22:43:15 [JoeHallCDT]

… cookie, DOM, etc.

22:43:40 [nweaver_]

nweaver_ has joined #privacy

22:43:44 [JoeHallCDT]

… how can this type of model work with existing technologies?

22:43:53 [JoeHallCDT]

… if you have DNT, maybe a vendor can't pull from a DNT object

22:44:08 [JoeHallCDT]

[didn't get that last bit right]

22:44:39 [JoeHallCDT]

… this will provide at least a framework that when you have a common data model, it can be pro-privacy

22:44:47 [JoeHallCDT]

… [shows example objects]

22:46:03 [JoeHallCDT]

… Customer Experience Digital Data Community Group

22:46:14 [JoeHallCDT]

… four standards listed

22:46:37 [JoeHallCDT]

[are these all part of the w3c submish?]

22:46:48 [npdoty]

http://www.w3.org/community/custexpdata/

22:46:59 [JoeHallCDT]

… intended benefits

22:47:08 [JoeHallCDT]

… simplifies site management

22:47:16 [JoeHallCDT]

… simplify switching costs

22:47:25 [JoeHallCDT]

… simplifies new deployments

22:47:34 [JoeHallCDT]

… provides a foundation for better data governance

22:48:05 [JoeHallCDT]

… community group is launched… 8 partners that have supported it

22:48:20 [JoeHallCDT]

… dicussions with Google, hoping Adobe is on board

22:48:40 [JoeHallCDT]

… please join the community group

22:49:04 [JoeHallCDT]

… mark.frigon@us.ibm.com if you want to get in touch

22:49:11 [npdoty]

pre-pre-kickoff meeting :)

22:49:15 [JoeHallCDT]

… call on Thu. pre-pre-pre-kickoff meeting

22:49:33 [JoeHallCDT]

JanS: have you decided where to put the data?

22:50:00 [JoeHallCDT]

Mark_Frigon: that is all open. working for a common data model. those questions need to be answered.

22:50:11 [JoeHallCDT]

JanS: draft spec. addresses data model?

22:50:16 [JoeHallCDT]

Mark_Frigon: yes.

22:51:25 [JoeHallCDT]

Ashkan: observation: there are a couple companies that do tag management… an issue I've seen in the past

22:51:41 [JoeHallCDT]

… the currency of this ecosystem is impressions and click data…

22:52:00 [JoeHallCDT]

… also an industry that no one trusts anyone else… want to make sure that accounting matches

22:52:31 [JoeHallCDT]

… to ask people to use a different vocabulary when a check is on the line will be tough.

22:52:34 [JoeHallCDT]

[?]

22:53:14 [JoeHallCDT]

Mark_Frigon: the analoy I would make is that if the browsers would support it… certain attributes in HTML5 aren't supported and so they just ignore it

22:53:22 [JoeHallCDT]

[please correct me as you understand it]

22:53:45 [JoeHallCDT]

… that is the type of feedback that would be helpful for buy-in and progress

22:54:01 [JoeHallCDT]

JanS: can we contextualize this with the session from this morning about browser-based defense?

22:54:06 [JoeHallCDT]

… could this help there?

22:54:27 [JoeHallCDT]

Mark_Frigon: I use that as a hypothetical or a potential implementation

22:54:28 [MarkL]

MarkL has joined #privacy

22:56:27 [JoeHallCDT]

npdoty, curious if this seems of interest to potential implementors

22:56:37 [JoeHallCDT]

… some similarities to p3p data control

22:56:58 [JoeHallCDT]

… could configure a browser to do this… is this of interest to implementors, advocates?

22:57:35 [JoeHallCDT]

Deirdre: if one could imagine the GeoPriv and GeoLocation standard where rules are attached to data… it could be an extraordinary development.

22:58:18 [JoeHallCDT]

Mark_Frigon: [didn't get this]

22:58:51 [JoeHallCDT]

… a website that doesn't have a strict privacy policy can have things very exposed… one with a strict policy may want to use a vendor based test on vendor GUIDs

22:59:08 [JoeHallCDT]

… we have a data model, nothing more specified

22:59:29 [npdoty]

s/npdoty,/npdoty:/

22:59:59 [JoeHallCDT]

Rigo: do you integrate the privacy into your data model or external to the model

23:00:44 [Peter]

Peter has joined #privacy

23:01:20 [JoeHallCDT]

… we need ways of linking statements to objects… Rigo's paper suggests using the context as the link to the object

23:01:38 [JoeHallCDT]

… solves problem of lawyers not wanting to make certain kinds of statements

23:01:55 [JoeHallCDT]

… when you have a fixed context, the [something and something does something[

23:02:06 [JoeHallCDT]

s/something[/something]/

23:02:32 [JoeHallCDT]

JanS: can include a policy element for data

23:02:56 [JoeHallCDT]

… having the policy included from the beginning conceptually could solve a lot of problems

23:03:12 [JoeHallCDT]

… in this case would pass it on as an object concealed in some other wrapper of policy

23:03:52 [JoeHallCDT]

Mark_Frigon: ah, in how I was thinking, the website controls the data, whereas in your model it just gives it away with the criteria for policy/sharing

23:04:03 [JoeHallCDT]

JanS: never give away the data without the policy that governs the data

23:04:23 [JoeHallCDT]

… could be the browser doing the logic/evaluation of policy

23:04:47 [JoeHallCDT]

… in some cases it may be traveling to a vendor depending on policy allowsing sharing with vendor

23:05:00 [npdoty]

I believe we're now using "policy" in the sense of user-configured preferences, not "public policy"

23:05:01 [JoeHallCDT]

Rigo: this is steering data flows with metadata

23:05:22 [JoeHallCDT]

Shane_Wiley: structured data is always good...

23:05:40 [JoeHallCDT]

… in some sense the variation in the market makes user objects look very different

23:06:00 [JoeHallCDT]

… what are your thought on incentives for using structured data?

23:06:18 [JoeHallCDT]

… what's the primarly motivator, and how would you deal with the multi-persona problem?

23:06:55 [JoeHallCDT]

Mark_Frigon: the spec. today includes a lot of flexibility… you should be able to stuff a lot of things into that person object.

23:07:14 [JoeHallCDT]

… as for incentives, if a company requires you to adhere to a standard, the market will suppor it

23:07:19 [JoeHallCDT]

s/suppor/support/

23:07:57 [JoeHallCDT]

and we break until 3:30 PST sharp.

23:07:59 [wseltzer]

RRSAgent, make minutes

23:07:59 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/11/27-privacy-minutes.html wseltzer

23:08:10 [wseltzer]

[thanks JoeHallCDT!]

23:27:37 [Peter]

Peter has joined #privacy

23:33:37 [johnsimpson]

johnsimpson has joined #privacy

23:33:38 [erikn]

erikn has joined #privacy

23:36:02 [dwainberg]

dwainberg has joined #privacy

23:36:11 [JoeHallCDT]

scribing

23:36:23 [wseltzer]

JoeHallCDT++

23:36:30 [JoeHallCDT]

Tara_Whalen and Christine_Runnegar on PING efforts

23:37:20 [JoeHallCDT]

… trying to jumpstart what web standards privacy work needs to be done

23:37:32 [JoeHallCDT]

… will first focus on privacy review of proposed standards

23:37:54 [JoeHallCDT]

Christine: two key work items

23:38:00 [JoeHallCDT]

1) privacy considerations document

23:38:02 [nweaver]

nweaver has joined #privacy

23:38:08 [JoeHallCDT]

2) best practices for implementors and deployers

23:38:17 [JoeHallCDT]

Frank_Dawson has volunteered for everything

23:38:26 [JoeHallCDT]

This is a call to action to get people involved

23:38:50 [JoeHallCDT]

PING wants to identify a privacy reviewer for standards early on

23:38:58 [JoeHallCDT]

… how can we best do that?

23:39:11 [JoeHallCDT]

… have been doing ad-hoc reviews, when a WG notices it needs expertise

23:39:24 [JoeHallCDT]

… recently at the TPAC we had an informal meeting with Dev API WG

23:39:27 [Frank]

Frank has joined #privacy

23:39:29 [wseltzer]

[PING: http://www.w3.org/Privacy/ ]

23:39:58 [JoeHallCDT]

… in our paper we've identified concrete action items

23:40:03 [JoeHallCDT]

… also have a series of questions

23:40:15 [JoeHallCDT]

Tara_Whalen: two of the items have been mentioned for areas of work

23:40:21 [JoeHallCDT]

… if there are others, let us know

23:40:26 [JoeHallCDT]

… fingerprinting is one…

23:40:38 [JoeHallCDT]

… what is fingerprinting? challenges for mitigating fingerprinting.

23:40:51 [JoeHallCDT]

… appropriate uses of fingerprinting

23:41:00 [JoeHallCDT]

… some discussion of this at the TPAC

23:41:10 [JoeHallCDT]

http://www.w3.org/2012/10/31-fingerprint-minutes.html

23:41:20 [Foo]

Foo has joined #privacy

23:41:24 [JoeHallCDT]

… 2nd, privacy indicators for privacy in browsers

23:41:39 [tlr]

tlr has joined #privacy

23:41:41 [JoeHallCDT]

… this is a good time to identify places for ongoing work

23:41:45 [JoeHallCDT]

… set of questions:

23:41:59 [JoeHallCDT]

… will skip interaction between policy and standards… did that yesterday!

23:42:17 [JoeHallCDT]

… what are known privacy and risks of web standards? what should we do about them?

23:42:29 [JoeHallCDT]

… what privacy design principles make sense for the web?

23:42:43 [JoeHallCDT]

… how do we make sure privacy concerns are raised at an early stage?

23:42:51 [JoeHallCDT]

[how is it down with security? usability?]

23:42:53 [jeff]

jeff has joined #privacy

23:43:02 [JoeHallCDT]

… how should privacy reviews be conducted?

23:43:15 [JoeHallCDT]

… who gets to contribute? how?

23:43:26 [JoeHallCDT]

… trade-offs: privacy, usability, security, reliability.

23:43:36 [JoeHallCDT]

… have a lot of work cut out for us

23:43:41 [JoeHallCDT]

… these are big challenges…

23:43:51 [JoeHallCDT]

… we encourage you to participate as much as possible

23:44:05 [JoeHallCDT]

… we'd like to hear what we can do and what we can do for you

23:44:21 [JoeHallCDT]

Christine: let's go back to the potential areas for work

23:44:29 [JoeHallCDT]

… what were the concrete things that were suggested?

23:45:00 [JoeHallCDT]

… on fingerprinting: perhaps PING could produce a document about fingerprinting, what are the challenges, how can we design in mitigations?

23:45:12 [JoeHallCDT]

… also the suggestion for others to develop a standard anonymous fingerprint

23:45:31 [JoeHallCDT]

… is there a way to develop a means to expose fingerprinting… make it easy to detect when a broswer is being fingerprinted

23:45:43 [JoeHallCDT]

… To wrap up: privacy considerations document for web standards devs.

23:45:49 [JoeHallCDT]

… bes pracs. for implmentors and devs

23:45:55 [JoeHallCDT]

… privacy reviews for web standards

23:46:01 [JoeHallCDT]

… suggestions for potential areas of new work.

23:46:07 [JoeHallCDT]

… questions that Tara raised above

23:46:31 [JoeHallCDT]

… Frank_Dawson may propose one approach one way to standardize privacy reviews

23:47:26 [JoeHallCDT]

npdoty: questions for PING peeps?

23:47:41 [JoeHallCDT]

Karen_Myers: I didn't see web performance WG.

23:48:09 [JoeHallCDT]

… subject of fingerprinting came up at recent meeting… they can very precisely fingerprint

23:48:19 [JoeHallCDT]

Christine: can you put us in touch with that WG?

23:48:31 [JoeHallCDT]

… next call is 12/6 UTC 17

23:48:40 [JoeHallCDT]

… would be great to have someone from that group speak.

23:49:14 [JoeHallCDT]

Berin: FTC workshop on 12/6 on big platforms

23:49:23 [JoeHallCDT]

… Q: where do you think w3c's competence lies?

23:49:52 [JoeHallCDT]

… at the end of the day, because it's a public venue, there are some issues that will not be resolved constructively in a public forum.

23:50:12 [JoeHallCDT]

… much progress can happen in private settings.

23:50:39 [JoeHallCDT]

… my concern is that if you succeed too well, it may make it too difficult to make a center of gravity for the private conversations that need to happen.

23:51:01 [JoeHallCDT]

… what we really need in the private space, is something like what we have for net neutrality, the BITAG

23:51:15 [JoeHallCDT]

… create a forum for discourse that is private.

23:51:50 [wseltzer]

public processes work for the Web because there is not a small set of private stakeholders

23:52:03 [JoeHallCDT]

Christine: we might be focused on a different problem...

23:52:18 [JoeHallCDT]

… it's not about publicness but lack of attention to privacy and lack of expertise

23:52:36 [JoeHallCDT]

… we don't want to deflate energy from the WG work, but complement with a parallel process

23:53:09 [JoeHallCDT]

… part of solving some of the problems is making sure the right people are doing the work and not wasting the time of people that are not interested, resourced, experienced

23:53:16 [JoeHallCDT]

… want to fit the process to the problem

23:54:09 [JoeHallCDT]

Rigo: Berin referred to a situation of arbitrage… where mediation between entrenched positions...

23:54:23 [JoeHallCDT]

… we do that in private conversations, but then come back to the public place to show results...

23:54:28 [JoeHallCDT]

… one does not exclude the other.

23:54:55 [JoeHallCDT]

Frank_Dawson: Have been looking at PbDs unmeasurable 7 tennants...

23:55:13 [JoeHallCDT]

… was also dragged in to being a privacy guy at Nokia via CTO's office

23:55:25 [JoeHallCDT]

… have run impact assessments in various projects

23:55:35 [npdoty]

npdoty has joined #privacy

23:55:45 [JoeHallCDT]

… have actually closed down projects… very interesting stage, when you're already operational on a project

23:56:06 [JoeHallCDT]

… want to make an abridged version of privacy impace assessments that can have a time of 2 weeks

23:56:24 [JoeHallCDT]

… doubt we generate specs at w3c that fast

23:56:34 [JoeHallCDT]

… but we should be able to fit the process to the group.

23:56:47 [JoeHallCDT]

… will present how to mold process to group

23:57:05 [JoeHallCDT]

… first piece is bringing civility to the group [?]

23:57:16 [JoeHallCDT]

… first started to think about the word "trust"

23:57:28 [JoeHallCDT]

… we probably have different "trust philosophies"

23:57:40 [JoeHallCDT]

… citing David Hoffman at Intel

23:57:51 [JoeHallCDT]

… Intel talks about the "triangle of trust"

23:58:21 [JoeHallCDT]

… "Technology industry" competes with "consumer/advocacy" competes with "policy/regulatory"

23:58:29 [JoeHallCDT]

… [something about a force field]

23:59:39 [JoeHallCDT]

...

23:59:55 [JoeHallCDT]

[not as good at transcribing stories, apparently!]