W3C

- DRAFT -

Tracking Protection Working Group teleconference

28 Nov 2012

Agenda

See also: IRC log

Attendees

Present
+1.408.674.aaaa, npdoty, wseltzer, tlr, aleecia, BrendanIAB?, +1.703.438.aabb, jchester2, RichardWeaver, TedLeung, Jonathan_Mayer, +1.703.265.aacc, jeffwilson, +1.415.520.aadd, dsinger, moneill2, +49.431.98.aaee, ninjamarnau, +1.714.852.aaff, +1.202.331.aagg, +1.202.587.aahh, schunter, +1.202.296.aaii, Chris_Pedigo, peter, adrianba, Lia, +1.917.934.aajj, peter-4As, vinay, fielding, +1.206.658.aakk, amyc, +1.813.366.aall, hefferjr, +1.202.370.aamm, +aann, +1.646.666.aaoo, +1.408.349.aapp, Chris_IAB?, +1.646.654.aaqq, WileyS, +1.215.286.aarr, susanisrael, +385345aass, David_MacMillan, +1.949.573.aatt, +1.609.258.aauu, efelten, +44.772.301.aavv, +1.310.392.aaww, johnsimpson, +1.206.910.aaxx, Joanne, eberkower, Dwainberg, Chapell, robsherman, +44.772.301.aayy, +1.408.423.aazz, Keith, JC, peder, chris, PhilPearce
Regrets
Chair
schunter
Scribe
wseltzer, npdoty

Contents


<jchester2> Shall we sing Old Lang Digital Syne?

<npdoty> schunter: hi everybody

<npdoty> volunteers to scribe?

<npdoty> I can do the second half, if someone can help with the first

<npdoty> ... where I think I will have to follow up on several of the issues

<aleecia> i am so muted. what

<npdoty> scribenick: wseltzer

<Chris_IAB> just joined via Skype

schunter1: added an item at the end on core next steps for compliance doc
... start with that item.

<npdoty> Dwainberg, I thought your comments weren't differences for the agenda, but just comments on the issue items

next steps

tlr: ack aleecia

aleecia: I am stepping down as co-chair. Thanks all for the opportunity to serve for the past year and a half.
... it's been a great ride. Extremely excited to welcome Peter Swire.

<dwainberg> Nick, it was both.

aleecia: Thanks everybody for all your hard work. I'll continue to be an active participant in the group.

tlr: Thank you very much aleecia for your work and dedication.

<susanisrael> 215286-xxxx is Susanisrael

tlr: Peter, would you introduce yourself?

<jchester2> Bravo Aleecia! Welcome Peter

<jeffwilson> thanks aleecia!

Peter_Swire: Hello, and thanks to those who have been introducing yourselves.

<dwainberg> Thank you, Aleecia!

<npdoty> +1, thanks so much Aleecia

<susanisrael> Thank you very much Aleecia!

Peter_Swire: I ask for your patience and understanding as I work through the institutional history.

<tedleung> Thank you Aleecia!

Peter_Swire: There's lots I don't yet know.

<David_M> Zakim David_McMillan is David_MacMillan

<robsherman> +1 — Aleecia, thanks so much for your hard work on this important effort.

Peter_Swire: I'm going to try to learn it all, to act in good faith, and I ask for your goodwill.
... as I learn W3C process, technology.
... Aleecia and Matthias have been concert pianists, I'm still going through the finger exercises.
... Background: I know quite a few of your and your organizations, even though I haven't been through the DNT meetings.
... On the substance, I've worked on privacy as a law professor and elsewhere since the mid-90s.

<Chris_IAB> Thanks for all your work on this Aleecia-- not always easy, but always appreciated. Welcome aboard Peter!

Peter_Swire: 2 books out this fall, global Foundations introductory course, US privacy law and practice.
... This is not a US process, it's a global process.
... My experience with the EU privacy regime may be helpful.
... 90's, part of the team that negotiated EU-US safe-harbor.
... Sensitivity to different regimes is important here.
... Background on substance, with institutions.
... Worked with FTC, at the White House under Pres. Clinton.
... where part of my role was as NAI was being formed.
... Good relations with US Congress, both Democrats and Republicans.
... Working with Art 29 WP in Europe.
... In addition to W3C, there are many other institutions playing in the privacy space.
... Consumer groups and privacy advocates.
... Worked with CDT, EFF, Jeff Chester, Stanford, others.
... Also spent time working professionally with business community. MS, Intel, IBM, Google, more
... Fellow with Future of Privacy Forum, industry-funded privacy expert group.
... worked to be practical working with business.
... with MoFo with real clients and real problems.
... Tech is at the center of W3C work, along with policy, politics, law.
... Worked for many years on encryption, 1999 chaired WH group on crypto.
... Spoken at FC.
... Main research recently has been on de-identification.
... that has given immersion in actual workings of how companies do de-ID.
... Finally, facilitating complicated negotiations. WH coorddinator for HIPAA.

<Chris_IAB> only 52,000 comments? ;)

Peter_Swire: That rule is still in place today.
... In WH 2009-10 under Larry Summers NEC, chairing complicated processes.

<johnsimpson> Apologies, bad LA traffic

Peter_Swire: I hope and believe I can be a good listener to many perspectives and backgrounds.

<WileyS> Stellar resume Peter!

Peter_Swire: Hopeful we can make progress in W3C standards process and larger privacy issues.

<Chris_IAB> +1 to WileyS comment - very impressive indeed

Peter_Swire: Scheduling: tomorrow, I finish fall semester at Ohio State. Calendar clear now-end of May.
... Cleared my schedule to try to be helpful here.

<aleecia> Here's to a reboot with new energy.

tlr: thank you Peter, welcome on board.
... questions or discussion?

<schunter1> or feedback.

<jchester2> Peter: Since we are in many ways at an impasse, how do you think we can move ahead?

<Chris_IAB> hear you loud and clear Peter, even on speaker

schunter1: Let's dive into the technology
... Happy to have Peter on the call. Really appreciated Aleecia's energy and advice.

<eberkower> aaqq = eberkower

<dwainberg> nick, note that I'm also on Mozilla's phone

schunter1: acknowledge that our initial schedule was a bit optimistic, but thanks to Aleecia we made lots of progress.
... one advantage for a newcomer is that he can ask all the stupid questions.
... That's it for intros.

action items

schunter1: First, action items.

<npdoty> http://www.w3.org/2011/tracking-protection/track/actions/overdue

<aleecia> http://www.w3.org/2011/tracking-protection/track/actions/overdue?sort=owner

<tlr> action-334?

<trackbot> ACTION-334 -- Nick Doty to re-update on handling of sub-domains, clarify concrete options (issue-112, perhaps with Shane) -- due 2012-11-14 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/334

npdoty: sent the review half an hour ago, summarizing issues.

<tlr> issue-112?

<trackbot> ISSUE-112 -- How are sub-domains handled for site-specific exceptions? -- pending review

<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/112

npdoty: if we can decide which option, that'll save writing up both.

<tlr> action-131?

<trackbot> ACTION-131 -- Roy Fielding to sketch use case for user agent requests on tracking status resource -- due 2012-11-21 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/131

fielding: @@

schunter1: we'll mark it as closed. Any objection?

<npdoty> fielding, you're suggesting that we close/drop action-131? (had trouble hearing)

schunter1: closing action-131

action-258?

<trackbot> ACTION-258 -- Thomas Lowenthal to propose 'should' for same-party and why -- due 2012-10-22 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/258

<fielding> yes, so someone else can pick it up. if not, I'll do it later.

<npdoty> is tl or someone from Mozilla able to report on this?

action-323?

<trackbot> ACTION-323 -- Thomas Lowenthal to share results of what-the-response-is-for discussion -- due 2012-10-22 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/323

schunter1: I'll send reminders to tl

<npdoty> action-131: fielding is happy to let someone else take this up if they have time, or will otherwise get to it later

<trackbot> ACTION-131 Sketch use case for user agent requests on tracking status resource notes added

schunter1: re 258, 323

action-317?

<trackbot> ACTION-317 -- David Singer to draft non-normative examples on same-party (issue-164) -- due 2012-11-14 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/317

<schunter1> http://www.w3.org/2011/tracking-protection/track/actions/317

<aleecia> david's on the bus

<schunter1> I can hear you

action-333?

<trackbot> ACTION-333 -- David Singer to work with Ian's text, Adrian's text, and Nick's cleanup to produce a new exception API proposed specification -- due 2012-11-14 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/333

<fielding> nothing

dsinger: sent text on exceptions out to the mailing list already

dsinger; I wrote something, not sure if it went to mailing list or just to Roy

scribe: Will send it again and make sure it's linked.

dsinger: Re 333, sent text a few weeks ago. Adrian wants a few more days to review.
... by the end of this week I'll send something to the mailing list.

<npdoty> dsinger: will send something to the mailing list by the end of the week, even if we haven't heard feedback from ian/adrian yet

action-332?

<trackbot> ACTION-332 -- David Wainberg to review TPE spec to ensure iframes are fine for exception API; if not, propose text changes -- due 2012-11-21 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/332

<aleecia> ouch

dwainberg: @@

<Chris_IAB> very hard to hear you David

dwainberg: add a week or two

schunter1: I'll add a week
... done for TPE

<fielding> we are done? YAY

<dwainberg> yes, I didn't realize I had that action item -- need another week to review.

schunter1: Went through issues and categorized them; issues where we have some text

pending review items

schunter1: do we accept the text, ask for alternatives, agree to drop
... Second is open issues where we need to assign actions to produce text.

ISSUE-21?

<trackbot> ISSUE-21 -- Enable external audit of DNT compliance -- pending review

<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/21

<schunter1> http://lists.w3.org/Archives/Public/public-tracking/2012Feb/0000.html

scribe: ^ text on the table

<aleecia> poorly

dwainberg: Is Kevin on the call?

<Joanne> http://lists.w3.org/Archives/Public/public-tracking/2012Mar/0419.html

Joanne: No. We provided some updated text. ^ link.

<aleecia> I'm surprised we're talking about this on TPE?

<aleecia> Oh - because it's down to an array.

Joanne: General understanding is the group didn't have an objection as this would be optional flag.

dwainberg: can we take a minute to walk through this new text?

Joanne: TK response header as optional tracking status resource
... where party responding to DNT signal can put in additional info
... such as link to privacy policy, indication that they've undergone 3d party audit.
... along with other optional resources

<Chris_IAB> I don't believe we are in favor of this option

Joanne: way for companies to show accountability, communicate that they've agreed to comply with 3d-pty standards

<npdoty> I believe the mechanism is the `audits` optional field in the tracking status resource

<Chris_IAB> it's out of scope for DNT

Joanne: text we proposed back in March was condensed, a lot less prescriptive.
... [reading]

A party MAY seek additional compliance verification with DNT through an audit authority communicating that a privacy policy is present (yes/no), and it has been certified; at minimum its in compliance with the DNT standard or in alignment with certain best practices.

dwainberg: is this normative?

<Joanne> A party MAY seek additional compliance verification with DNT through an audit authority communicating that a privacy policy is present (yes/no), and it has been certified; at minimum its in compliance with the DNT standard or in alignment with certain best practices. The User Agent MAY enable for a representation of this additional status in the form of an additional mechanism such as one of the following: 1. Tracker Selection List [TSL][CUT]

Joanne: I'll paste proposed normative text into irc.

<npdoty> although I actually think this could be non-normative text, as they're examples/suggestions

dwainberg: [hard to hear]
... propose moving this to compliance spec

schunter1: two angles to the audit

<aleecia> This actually does fit in TPE, it took me a minute to remember why too

schunter1: compliance angle, extra data fields in the response protocol
... in TPE, we shoudl focus on what are the data field exchange flags needed.

<aleecia> It did start in Compliance, but now that it's simplified it's really more of a TPE fit

<jmayer> matthias, could we tackle ISSUE-137 next?

fielding: we have an audit field in the response

<npdoty> "An optional member named audit may be provided with an array value containing a list of URI references to external audits of the designated resource's privacy policy and tracking behavior in compliance with this protocol.", from the TPE

fielding: we can move on.

<jmayer> I have to run to Corporations in 10 minutes and would like to be able to comment.

<jmayer> I don't follow why this would be a Compliance issue. It's a way to transmit something—pure protocol.

<dsinger> Roy's text is this (quoting the spec): "An optional member named audit may be provided with an array value containing a list of URI references to external audits of the designated resource's privacy policy and tracking behavior in compliance with this protocol. Preferably, the audit references are to resources that describe the auditor and the results of that audit; however, if such a resource is not available, a reference to the auditor is sufficient."

schunter1: Action on Kevin to see whether he needs additional fields

<fielding> http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#dfn-audit

Chris_IAB: DAA and IAB would not support

<Joanne> Matthias, I can take any action items assigned to Kevin

<schunter1> ok.

Chris_IAB: an issue of scope. Programs are important, but not part of DNT.

Chapell: nothing to add to David and Chris.

<npdoty> Alan, you were a contributor to this text proposal, yeah?

aleecia: a little history. We were happy with this proposal

<Chapell> npdoty, I participated in a preliminary call, but did not provide text

aleecia: it started very long and involved, has now been trimmed to something manageable.
... give ability to have more transparency, trust. let users understand status of 3d-pty auditing.

<Chris_IAB> DAA has a program that already addresses this

aleecia: surprised to hear controversy.
... this has had a lot of work, now moving to something optional for companies that want to show this info to their users.

<Joanne> Aleecia covered this well

<Chris_IAB> the DAA program is different than DNT (today's definition)

<Joanne> thanks

<npdoty> Chris_IAB, maybe there's some confusion here, I don't think this would in any way replace an existing program, it lets the site tell the user that they follow such a program

<Chapell> .... while I'm sure that some may provide audit / evaluations for DNT, I don't think there is any benefit to specifying this in the text

<Joanne> please assign it to me

<npdoty> scribenick: npdoty

<Chris_IAB> npdoty, I feel it's out of scope, per the Charter

<efelten> It's an *optional* field, so "my company won't use it" isn't a strong argument against.

schunter: worth making an update to see if we need any additional language or additional fields

<ChrisPedigoOPA> I don't remember there being consensus on this

<Chris_IAB> I fail to see where this is in scope per our current Charter

<scribe> ACTION: joanne to update on audits field proposal and any normative requirements as necessary [recorded in http://www.w3.org/2012/11/28-dnt-minutes.html#action01]

<trackbot> Created ACTION-340 - Update on audits field proposal and any normative requirements as necessary [on Joanne Furtsch - due 2012-12-05].

<Chapell> I don't remember consensus on this item either

" <npdoty> any objections to an audit field?

<aleecia> Awesome

<npdoty> no objections to the audit field. ", from Bellevue

fielding: agree with aleecia in general, not sure the text that we looked at in emails today is necessary for the TPE side

<aleecia> there are two things out of scope by charter. This is neither of them.

<schunter1> We agree on the audit field. We discuss what non-normative text to wrap around it.

fielding: but if there's anything that needs to be updated on the audits field, please let us know

<dsinger> yes, I would like to know what more edits are proposed to TPE, and why (over and above the 'audit' field)

ChrisPedigoOPA: don't want to get in the way of audits, concerned that we're adding complexity or too strongly encouraging use of the audit identifier
... don't think we need the TRUSTe proposal right now

npd: not entirely sure what ChrisP means by the TRUSTe proposal and what isn't needed

<Joanne> here is the yest from teh TPE

<Joanne> An optional member named audit may be provided with an array value containing a list of URI references to external audits of the designated resource's privacy policy and tracking behavior in compliance with this protocol. Preferably, the audit references are to resources that describe the auditor and the results of that audit; however, if such a resource is not available, a reference to the auditor is sufficient. audit = %x22 "audit" %x22 audi[CUT]

<Joanne> An optional member named audit may be provided with an array value containing a list of URI references to external audits of the designated resource's privacy policy and tracking behavior in compliance with this protocol. Preferably, the audit references are to resources that describe the auditor and the results of that audit; however, if such a resource is not available, a reference to the auditor is sufficient. audit = %x22 "audit" %x22 audi[CUT]

Chris_IAB: we have our own ways through the DAA program to confirm compliance with the DAA program, a program that's quite different from DNT, would lead to confusion if we add on additional compliance regimes at this time
... want to stay focused on defining tracking and dnt

Dwainberg: should move on, we have an action item to revise text

<aleecia> Is there any reason someone *cannot* live with this proposal?

Dwainberg: better suited to discussion in compliance?

<fielding> aleecia, which one?

npd: are the objections to having the audit field at all? or the text proposed in march?

<aleecia> With an optional TPE field for audit transparency

<schunter1> Agreement on "audit" field. Disagreement on whether additional text is needed.

<fielding> ditto

jmayer: arguments seem in favor of adding an optional audit field, if consumers did want to learn about auditing, having an optional consistent path is what we would do to facilitate marketplace competition

<Chris_IAB> npdoty, I object to both

<jmayer> Phone fail. Hope that made sense, off to class.

schunter: don't debate the audit field, we had consensus at our last f2f about that field, just a question of whether additional text is necessary

<Chapell> Kick off que (:

schunter: leave it to Joanne to see if we need an update at all

<aleecia> Great

Joanne: we're fine with the language in the TPE, but if the group is fine with what's in the TPE now, issue 21 can be closed

schunter: quick turnaround on that action

<Chapell> Wondering if the audit field is related to the token field discussion --- is it ok for DNT compliant to be audited pursuant to the DAA or NAI Codes?

<tlr> issue-21?

<trackbot> ISSUE-21 -- Enable external audit of DNT compliance -- pending review

<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/21

<Chapell> I was....

schunter: suggest closing issue 21, unless we need additional text
... does anyone need additional text for issue 21?

<Chapell> Thanks TLR

Chris_IAB: didn't recall an agreement in Amsterdam about the audit field

<Joanne> it was in Seattle we discussed it

<fielding> yes, in Bellevue

<npdoty> any objections to an audit field?

<aleecia> Awesome

<npdoty> no objections to the audit field.

http://www.w3.org/2012/06/22-dnt-minutes

<aleecia> thank you, Nick

Chris_IAB: can you get an update on that from the minutes offline?

<aleecia> Which meeting was it?

<tlr> aleecia, 22 June, Bellevue, WA

<Chris_IAB> npdoty, I am not in favor of an audit field

Chapell: if we set up an audit field, there might be some concern from the group about whether NAI or others is providing an audit, or what ruleset might apply

<aleecia> thanks. I also remembered this discussion but not Amsterdam. This seems right to me.

<fielding> tes, this is going down a rathole and we are not discussing it -- audit is a link

Chapell: blank check around an audit function

<Chris_IAB> npdoty, I am searching the notes from Amsterdam, and can't find where we agreed on adding an audit field??

<tlr> Chris, http://www.w3.org/2012/06/22-dnt-minutes

schunter: for the protocol, this is just a field

issue-137?

<trackbot> ISSUE-137 -- Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s) -- pending review

<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/137

<dsinger> I think this is very different from a previous discussion, where we considered and rejected a proposal to say which compliance you claim; this is about whether you have been *audited* for the compliance...

<aleecia> (might make sense to put the link to the minutes into the notes for the issue, so we don't have to pull this again)

<tlr> issue-21: see discussion at Bellevue face-to-face, http://www.w3.org/2012/06/22-dnt-minutes

<trackbot> ISSUE-21 Enable external audit of DNT compliance notes added

<dsinger> this links to my action-317 same-party (optional)

schunter: tl had said at one point that it's important to indicate whether a server is a service provider
... fielding had pointed out that they may not be allowed to or want to
... we need alternatives of text for this, in order to close it

<Chris_IAB> npdoty, thanks for pointing me to this. I must have stepped out of the room, so I apologize. I'm still not in support of it, but anyway, I see how it was added.

dsinger: my recollection is that we accepted fielding's point on this, but might be useful to indicate when you're in a service provider relationship (like when you are on a different domain)
... connected to my action-317, but also to Rigo's @@@
... optional, in order to disambiguate in cases where you might appear to be a "rogue" first party

<Chris_IAB> npdoty, reading the notes, I believe the context of an audit field is with respect to a DNT audit (against THIS spec), not for just any old audit.

<efelten> +1 dsigner, I remember it the same way.

<tlr> action-317?

<trackbot> ACTION-317 -- David Singer to draft non-normative examples on same-party (issue-164) -- due 2012-11-14 -- OPEN

<trackbot> http://www.w3.org/2011/tracking-protection/track/actions/317

<fielding> The entire point of having service provider constraints is to classify them as part of the first party controller. There is NO reason to indicate that in the protocol.

dsinger: can move forward with my text suggestion for 317

fielding: don't have any need or desire for mechanical distinction between sites that are made up of multiple service providers
... a flag added to the protocol does not help except for sites wholly owned by one corporation
... if it weren't for the constraints on service providers (handling the data as if they were wholly owned by the provider, so there's no additional loss of privacy there)

<efelten> +q

schunter: to recap an argument, when the service provider is running on an independent domain, a user agent may be confused if two separate sites are indicated as the same party
... declaring when an independent site is not the same party but a service provider

<dsinger> yes, this is to enable dealing with the case when a site appears different (e.g. because of hostname) but is in fact under an SP relationship

aleecia: to roy's point, I have two possible concerns where the distinction would be useful for the user

<fielding> really?

aleecia: one possible approach for service providers is that they could combine data from multiple first parties
... if that were the approach we took (which I wouldn't support), I would be concerned about a lack of signal to the user

<dsinger> is having a hard time seeing why an *optional* notifier is objectionable

<dsinger> if you don't see a need to use it, then don't use it

aleecia: second, if DNT were providing value mostly on transparency rather than controlling collection, then it might be an issue to reduce transparency
... might depend on our definition of service provider

<vinay> Aleecia -- which proposed text are you referring to where it allows a service provider to combine user-level data (not aggregate data) across first parties?

efelten: given that we're talking about an optional field, then we should look at whether it would be useful for a server to say whether it's a service provider

<aleecia> Shane's been proposing that for months

efelten: for example, if a site is offering from a different domain, but says that it has consent from the user
... it would look to the user/ua like a false assertion of consent

<dsinger> +1 to ed; this makes possible disambiguation, but does not require it

efelten: where there would be genuine confusion about whether a site is a service provider or not

schunter: the question was just whether to have it as mandatory, not whether to have it as an optional field

<fielding> I don't see how a flag disambiguates that. I have no problem with a link that says who the first party is for each tracking status resource

efelten: not taking a position on mandatory, but keeping an optional field is important

<Chris_IAB> how do optional fields get added to the spec in the end? must we show use before they are added to the final spec?

efelten, I think fielding believes that the policy link can be used to disambiguate in those cases

<Chris_IAB> +q

<fielding> or a new "first-party" link

schunter: optional doesn't mean whether we add the field to the spec, but a piece of info that sites may or may not transmit

<aleecia> Roy, that's interesting. What would that look like?

<aleecia> In Europe, I think that works really well. In the US, not as well.

<dsinger> notes that issue-168 is the other related issue here

schunter: optional from a syntax perspective, there are sometimes messages that don't have the field

<aleecia> So would a first party just list itself as the first party?

<aleecia> Or just claim "I'm a first party" and be done?

<efelten> Roy, there's also a cases where a SP is acting on behalf of a third party.

schunter: truly optional, sites may or may not transmit the flag for whatever reasons it has

<fielding> efelten, but in those cases they cannot claim more than 3rd party status

Chris_IAB: procedurally, do we have to show two parties

<dsinger> yes, if we end up with no-one implementing, we could/woudl remove the feature eventually

<dsinger> linked to 317

Chris_IAB: do we have to have two interoperable implementations in order to move forward with it?

npdoty: we can as a group indicate features that are "at risk" that would be removed from the spec if those features were not implemented interoperably
... a step we would take at CR

dsinger: happy to have it optional but not mandatory, and (related to 317) can write up some cases where it might be useful

<Chris_IAB> thank you npdoty, that seems very clear

<fielding> making it option does not remove the concern about UAs discriminating on the basis of this field, which again is an anti-competition issue

fielding: not a case where you can make it optional and it's still okay

<Chris_IAB> +1 to fielding

<dsinger> ah, ok, I will take that into account when I do the write-up, thanks Roy

fielding: if users use the flag to discriminate, then that could have a negative market effect on smaller players
... would have to be a formal objection, even if optional

<scribe> ACTION: singer to write up potential use cases for optional indication of service provider status, including points from Roy [recorded in http://www.w3.org/2012/11/28-dnt-minutes.html#action02]

<trackbot> Created ACTION-341 - Write up potential use cases for optional indication of service provider status, including points from Roy [on David Singer - due 2012-12-05].

<Chris_IAB> fielding and dsinger, we should always consider the "level playing field" when considering features here -- very good call Roy

<johnsimpson> yes

<aleecia> Hi, Peter

<efelten> Obviously, any (mis)use of the standard in violation of antitrust law would be subject to law enforcement.

npd: fielding, that would be a disincentive to using the optional field, yeah?

request to help

peterswire: we'll post this request, want to solicit input from any of you
... comments to be submitted for the call a week from today

<aleecia> The only note I have is pretty obvious from this call: I'll be taking a different role here now that I'm not co-chair.

peterswire: no more than 3 points and no more than 300 words

<Chris_IAB> efelten, good point, though it can be a grey line as you know

peterswire: I'll read all that fit that limit
... what are the most important things for the process to consider, areas of agreement to highlight, things for the new co-chair to know
... comments posted by a week from now, for response by Wed, Dec 12

<dsinger> …is confused; comments on what?

tlr: usual way is just to use the mailing list, answers to the email that Peter will send

<Chris_IAB> should we set up a topic on the mailing list?

<schunter1> Kick-off advise and your main requirements

<aleecia> Can we *please* have a second dlist that is not for discussion?

<tlr> yes :)

<aleecia> That's been promised for months now

<tlr> peter was asking for input on priorities

<susanisrael> +1 aleecia

peter: will post request for comments today, exact wording

<afowler> +1 aleecia and susan

npd: aleecia, susanisrael, afowler, will follow up on that again, apologies

schunter: from my perspective that's all, anything I overlooked for today in last minutes?
... if not, we can close the call
... thanks a lot, adjourned, see you all next week.

Summary of Action Items

[NEW] ACTION: joanne to update on audits field proposal and any normative requirements as necessary [recorded in http://www.w3.org/2012/11/28-dnt-minutes.html#action01]
[NEW] ACTION: singer to write up potential use cases for optional indication of service provider status, including points from Roy [recorded in http://www.w3.org/2012/11/28-dnt-minutes.html#action02]
 
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.137 (CVS log)
$Date: 2012/11/28 18:27:06 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.137  of Date: 2012/09/20 20:19:01  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/@@/sent text on exceptions out to the mailing list already/
Succeeded: s/tes/yes/
Found ScribeNick: wseltzer
Found ScribeNick: npdoty
Inferring Scribes: wseltzer, npdoty
Scribes: wseltzer, npdoty
ScribeNicks: wseltzer, npdoty
Default Present: +1.408.674.aaaa, npdoty, wseltzer, tlr, aleecia, BrendanIAB?, +1.703.438.aabb, jchester2, RichardWeaver, TedLeung, Jonathan_Mayer, +1.703.265.aacc, jeffwilson, +1.415.520.aadd, dsinger, moneill2, +49.431.98.aaee, ninjamarnau, +1.714.852.aaff, +1.202.331.aagg, +1.202.587.aahh, schunter, +1.202.296.aaii, Chris_Pedigo, peter, adrianba, Lia, +1.917.934.aajj, peter-4As, vinay, fielding, +1.206.658.aakk, amyc, +1.813.366.aall, hefferjr, +1.202.370.aamm, +aann, +1.646.666.aaoo, +1.408.349.aapp, Chris_IAB?, +1.646.654.aaqq, WileyS, +1.215.286.aarr, susanisrael, +385345aass, David_MacMillan, +1.949.573.aatt, +1.609.258.aauu, efelten, +44.772.301.aavv, +1.310.392.aaww, johnsimpson, +1.206.910.aaxx, Joanne, eberkower, Dwainberg, Chapell, robsherman, +44.772.301.aayy, +1.408.423.aazz, Keith, JC, peder, chris, PhilPearce
Present: +1.408.674.aaaa npdoty wseltzer tlr aleecia BrendanIAB? +1.703.438.aabb jchester2 RichardWeaver TedLeung Jonathan_Mayer +1.703.265.aacc jeffwilson +1.415.520.aadd dsinger moneill2 +49.431.98.aaee ninjamarnau +1.714.852.aaff +1.202.331.aagg +1.202.587.aahh schunter +1.202.296.aaii Chris_Pedigo peter adrianba Lia +1.917.934.aajj peter-4As vinay fielding +1.206.658.aakk amyc +1.813.366.aall hefferjr +1.202.370.aamm +aann +1.646.666.aaoo +1.408.349.aapp Chris_IAB? +1.646.654.aaqq WileyS +1.215.286.aarr susanisrael +385345aass David_MacMillan +1.949.573.aatt +1.609.258.aauu efelten +44.772.301.aavv +1.310.392.aaww johnsimpson +1.206.910.aaxx Joanne eberkower Dwainberg Chapell robsherman +44.772.301.aayy +1.408.423.aazz Keith JC peder chris PhilPearce
Agenda: http://www.w3.org/mid/50B513D8.1010302@schunter.org
Got date from IRC log name: 28 Nov 2012
Guessing minutes URL: http://www.w3.org/2012/11/28-dnt-minutes.html
People with action items: joanne singer

[End of scribe.perl diagnostic output]