IRC log of dnt on 2013-01-09

Timestamps are in UTC.

16:49:36 [RRSAgent]
RRSAgent has joined #dnt
16:49:36 [RRSAgent]
logging to
16:49:42 [npdoty]
rrsagent, make logs public
16:49:54 [npdoty]
Chair: schunter
16:50:03 [npdoty]
Meeting: Tracking Protection Working Group teleconference
16:50:28 [adrianba]
adrianba has joined #dnt
16:51:28 [Zakim]
T&S_Track(dnt)12:00PM has now started
16:51:35 [Zakim]
+ +1.510.859.aaaa
16:51:45 [fielding]
fielding has joined #dnt
16:52:02 [npdoty]
Zakim, aaaa is npdoty
16:52:02 [Zakim]
+npdoty; got it
16:52:08 [aleecia]
aleecia has joined #dnt
16:53:10 [Zakim]
+ +1.408.674.aabb
16:53:26 [aleecia]
Zakim, aabb is aleecia
16:53:26 [Zakim]
+aleecia; got it
16:53:33 [aleecia]
16:54:21 [Zakim]
+ +1.212.380.aacc
16:54:36 [Zakim]
- +1.212.380.aacc
16:54:40 [aleecia]
Zakim, mute me
16:54:40 [Zakim]
aleecia should now be muted
16:54:58 [BrendanIAB]
BrendanIAB has joined #dnt
16:55:04 [schunter]
schunter has joined #dnt
16:55:36 [dsinger]
dsinger has joined #dnt
16:55:52 [Joanne]
Joanne has joined #DNT
16:55:53 [Zakim]
+ +1.212.380.aadd
16:56:28 [yianni]
yianni has joined #dnt
16:56:29 [npdoty]
agenda+ Next steps for compliance
16:56:37 [npdoty]
Zakim, aadd is IAB
16:56:37 [Zakim]
+IAB; got it
16:56:39 [efelten]
efelten has joined #dnt
16:56:39 [Lmastria_DAA]
Lmastria_DAA has joined #dnt
16:56:43 [Zakim]
+ +1.415.520.aaee
16:56:44 [npdoty]
Zakim, IAB has peterswire
16:56:45 [Zakim]
+peterswire; got it
16:56:46 [jeffwilson]
jeffwilson has joined #dnt
16:56:46 [samsilberman]
samsilberman has joined #dnt
16:56:53 [npdoty]
Zakim, IAB has Chris_IAB
16:56:53 [Zakim]
+Chris_IAB; got it
16:57:01 [aleecia_]
aleecia_ has joined #dnt
16:57:01 [Joanne]
Zakim, aaee is Joanne
16:57:02 [Zakim]
+Joanne; got it
16:57:02 [npdoty]
Zakim, IAB has Lmastria_DAA
16:57:03 [Zakim]
+Lmastria_DAA; got it
16:57:17 [Zakim]
+ +1.703.265.aaff
16:57:19 [Zakim]
+ +1.609.310.aagg
16:57:26 [Zakim]
16:57:31 [efelten]
Zakim, aagg is me
16:57:31 [Zakim]
+efelten; got it
16:57:33 [vincent]
vincent has joined #dnt
16:57:34 [jeffwilson]
zakim, aaff is jeffwilson
16:57:34 [Zakim]
+jeffwilson; got it
16:57:35 [Zakim]
+ +1.781.482.aahh
16:57:36 [dsinger]
zakim, [IPcaller] is me
16:57:36 [Zakim]
+dsinger; got it
16:57:48 [dsinger]
zakim, who is on the phone?
16:57:48 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, +1.781.482.aahh
16:57:51 [Zakim]
IAB has Lmastria_DAA
16:57:51 [Zakim]
+ +1.215.286.aaii
16:57:58 [samsilberman]
zakim, aahh is samsilberman
16:57:58 [Zakim]
+samsilberman; got it
16:57:59 [jchester2]
jchester2 has joined #dnt
16:57:59 [susanisrael]
susanisrael has joined #dnt
16:58:07 [Zakim]
16:58:09 [Zakim]
16:58:13 [Chris_IAB]
Chris_IAB has joined #dnt
16:58:16 [schunter]
Zakim, ??P54 is schunter
16:58:18 [Zakim]
+schunter; got it
16:58:20 [Zakim]
+ +1.646.801.aajj
16:58:21 [BrendanIAB]
Zakim, IPcaller is probably me
16:58:21 [Zakim]
+BrendanIAB?; got it
16:58:30 [Zakim]
16:58:30 [dwainberg]
zakim, aajj is dwainberg
16:58:31 [Zakim]
+dwainberg; got it
16:58:33 [peterswire]
peterswire has joined #DNT
16:58:33 [peter-4As]
peter-4As has joined #dnt
16:58:37 [susanisrael]
zakim, 215 286 xxxx is susanisrael
16:58:37 [Zakim]
I don't understand '215 286 xxxx is susanisrael', susanisrael
16:58:42 [Zakim]
+ +1.202.587.aakk
16:58:45 [vincent]
zakim, Cyril_Concolato is vincent
16:58:45 [Zakim]
+vincent; got it
16:58:46 [npdoty]
Zakim, aaii is susanisrael
16:58:47 [Zakim]
+susanisrael; got it
16:58:48 [Zakim]
16:58:53 [Zakim]
16:58:56 [dsinger]
zakim, who is making noise?
16:58:58 [adrianba]
zakim, [Microsoft] is me
16:58:58 [Zakim]
+adrianba; got it
16:59:04 [npdoty]
Zakim, IAB has Lmastria_DAA, Chris_IAB, peterswire
16:59:04 [Zakim]
Lmastria_DAA was already listed in IAB, npdoty
16:59:04 [jchester2]
zakim, mute me
16:59:05 [Zakim]
+Chris_IAB, peterswire; got it
16:59:05 [Zakim]
jchester2 should now be muted
16:59:06 [Zakim]
dsinger, listening for 10 seconds I heard sound from the following: IAB (70%), dwainberg (76%)
16:59:11 [rigo]
rigo has joined #dnt
16:59:18 [susanisrael]
*/*sorry for getting the syntax wrong, thanks Nick
16:59:29 [rigo]
zakim, code?
16:59:29 [Zakim]
the conference code is 87225 (tel:+1.617.761.6200, rigo
16:59:30 [dan_auerbach]
dan_auerbach has joined #dnt
16:59:33 [Zakim]
+ +1.202.331.aall
16:59:40 [yianni]
Zakin, 2025874870 is yianni
16:59:50 [AdamTurkel]
AdamTurkel has joined #DNT
16:59:58 [mecallahan]
mecallahan has joined #dnt
16:59:59 [npdoty]
Zakim, aakk is yianni
16:59:59 [Zakim]
+yianni; got it
17:00:05 [Zakim]
+ +1.714.852.aamm
17:00:16 [Zakim]
17:00:17 [npdoty]
Zakim, who is on the phone?
17:00:17 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, samsilberman, susanisrael, schunter (muted), BrendanIAB?, dwainberg, vincent, yianni,
17:00:20 [Zakim]
... adrianba, jchester2 (muted), +1.202.331.aall, +1.714.852.aamm, AnnaLong
17:00:20 [Zakim]
IAB has Chris_IAB, peterswire
17:00:21 [fielding]
zakim, aamm is fielding
17:00:21 [Zakim]
+fielding; got it
17:00:23 [Zakim]
+ +1.301.351.aann
17:00:27 [Zakim]
+ +1.650.787.aaoo
17:00:31 [AnnaLong]
AnnaLong has joined #dnt
17:00:32 [justin_]
justin_ has joined #dnt
17:00:38 [Zakim]
17:00:39 [Zakim]
+ +1.646.827.aapp
17:00:40 [rigo]
zakim, mute me
17:00:40 [Zakim]
Rigo should now be muted
17:00:44 [npdoty]
Zakim, aaoo is BillScannell
17:00:44 [Zakim]
+BillScannell; got it
17:00:51 [Zakim]
+ +1.703.438.aaqq
17:00:52 [Zakim]
+ +1.202.639.aarr
17:00:53 [hefferjr]
hefferjr has joined #dnt
17:01:05 [npdoty]
Zakim, who is on the phone?
17:01:05 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, samsilberman, susanisrael, schunter (muted), BrendanIAB?, dwainberg, vincent, yianni,
17:01:09 [Zakim]
... adrianba, jchester2 (muted), +1.202.331.aall, fielding, AnnaLong, +1.301.351.aann, BillScannell, Rigo (muted), +1.646.827.aapp, +1.703.438.aaqq, +1.202.639.aarr
17:01:09 [Zakim]
IAB has Chris_IAB, peterswire
17:01:23 [AdamTurkel]
646-827-XXXX is adam turkel
17:01:24 [Zakim]
17:01:31 [Zakim]
+ +1.202.296.aass
17:01:33 [moneill2]
moneill2 has joined #dnt
17:01:44 [dsinger]
zakim, aapp is AdamTurkel
17:01:44 [Zakim]
+AdamTurkel; got it
17:01:45 [dan_auerbach]
301 is me
17:01:46 [vinay]
vinay has joined #dnt
17:01:58 [npdoty]
Zakim, aaqq is richardweaver
17:01:58 [Zakim]
+richardweaver; got it
17:01:59 [tlr]
zakim, aann is dan_auerbach
17:01:59 [Zakim]
+dan_auerbach; got it
17:02:02 [Brooks]
Brooks has joined #dnt
17:02:07 [Zakim]
17:02:13 [Zakim]
+ +1.678.580.aatt
17:02:19 [Chris_IAB]
Peter Swire, Lou Mastria and Chris Mejia dialing in from 212-380... together
17:02:21 [npdoty]
Zakim, aatt is Brooks
17:02:21 [Zakim]
+Brooks; got it
17:02:31 [Zakim]
+ +1.415.728.aauu
17:02:36 [vinay]
zakim, aauu is vinay
17:02:36 [Zakim]
+vinay; got it
17:02:53 [Zakim]
17:02:54 [moneill2]
zaqkim. [ipcaller] is me
17:02:56 [npdoty]
schunter: welcome all back from the holidays
17:02:58 [rvaneijk]
rvaneijk has joined #dnt
17:03:03 [npdoty]
Zakim, [IPcaller] is moneill2
17:03:03 [Zakim]
+moneill2; got it
17:03:08 [Zakim]
+ +1.646.654.aavv
17:03:09 [moneill2]
zakim, [ipcaller] is me
17:03:09 [Zakim]
sorry, moneill2, I do not recognize a party named '[ipcaller]'
17:03:10 [JC]
JC has joined #DNT
17:03:24 [npdoty]
volunteer to scribe?
17:03:29 [johnsimpson]
johnsimpson has joined #dnt
17:03:32 [Zakim]
+ +1.813.366.aaww
17:03:40 [npdoty]
scribe: susanisrael
17:03:41 [eberkower]
eberkower has joined #dnt
17:03:41 [jmayer]
jmayer has joined #dnt
17:03:41 [hefferjr]
Zakim, aaww is hefferjr
17:03:42 [Zakim]
+hefferjr; got it
17:03:48 [npdoty]
Zakim, who is on the phone?
17:03:48 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, samsilberman, susanisrael, schunter, BrendanIAB?, dwainberg, vincent, yianni, adrianba,
17:03:51 [Zakim]
... jchester2 (muted), +1.202.331.aall, fielding, AnnaLong, dan_auerbach, BillScannell, Rigo (muted), AdamTurkel, richardweaver, +1.202.639.aarr, [CDT], +1.202.296.aass, moneill2,
17:03:51 [Zakim]
... Brooks, vinay, Craig_Spiezle, +1.646.654.aavv, hefferjr
17:03:51 [Zakim]
IAB has Chris_IAB, peterswire
17:03:54 [Zakim]
+ +1.650.465.aaxx
17:03:58 [Zakim]
17:04:02 [Keith]
Keith has joined #dnt
17:04:03 [susanisrael]
mattias: one change= caller id to be done in background; try to get on irc and tell nick who you are
17:04:07 [rvaneijk]
Hi, I will not be able to attend the call unfortunately..
17:04:09 [Zakim]
17:04:12 [eberkower]
17:04:15 [npdoty]
Regrets+ rvaneijk
17:04:21 [David]
David has joined #dnt
17:04:21 [ChrisPedigo_OPA]
ChrisPedigo_OPA has joined #dnt
17:04:23 [npdoty]
Zakim, aavv is eberkower
17:04:23 [Zakim]
+eberkower; got it
17:04:26 [susanisrael]
mattias: welcome-looking forward to a couple productive months to finish both specs
17:04:31 [WileyS]
WileyS has joined #dnt
17:04:39 [rvaneijk]
Success !
17:04:46 [susanisrael]
mattias: had productive 2012, identified issue, shouldn't be a big deal finishing this year
17:04:48 [Zakim]
17:04:52 [BillScannell]
BillScannell has joined #dnt
17:05:01 [Lia]
Lia has joined #dnt
17:05:02 [npdoty]
agenda+ Action items
17:05:05 [Zakim]
+ +1.310.392.aayy
17:05:09 [npdoty]
agenda+ Revised exceptions approach
17:05:09 [aleecia]
Zakim, agenda?
17:05:10 [Zakim]
I see 3 items remaining on the agenda:
17:05:10 [Zakim]
1. Next steps for compliance [from npdoty]
17:05:10 [Zakim]
2. Action items [from npdoty]
17:05:10 [Zakim]
3. Revised exceptions approach [from npdoty]
17:05:11 [susanisrael]
....peter would like to spend a couple min on compliance doc then i will discuss tpe. comments on agenda?
17:05:18 [npdoty]
agenda+ multiple first parties
17:05:22 [Zakim]
+ +1.408.349.aazz
17:05:24 [bryan]
bryan has joined #dnt
17:05:26 [npdoty]
agenda+ updates to JS API
17:05:34 [npdoty]
agenda+ Service Providers
17:05:42 [johnsimpson]
zakim, 310.292,aayy is johnsimpson
17:05:42 [Zakim]
sorry, johnsimpson, I do not recognize a party named '310.292,aayy'
17:05:43 [npdoty]
agenda+ Pending Review
17:05:47 [npdoty]
agenda+ Open issues
17:05:47 [Zakim]
17:05:51 [susanisrael]
Peter Swire: Happy new year. I will talk for a while to give people background of what will happen next week. ....
17:05:56 [npdoty]
Zakim, aayy is johnsimpson
17:05:56 [Zakim]
+johnsimpson; got it
17:06:02 [susanisrael] goal is to be inclusive.
17:06:09 [johnsimpson]
zakim, 310.392.aayy is johnsimpson
17:06:10 [Zakim]
sorry, johnsimpson, I do not recognize a party named '310.392.aayy'
17:06:13 [pedermagee]
pedermagee has joined #dnt
17:06:25 [justin_]
zakim, aayy is johnsimpson
17:06:25 [Zakim]
sorry, justin_, I do not recognize a party named 'aayy'
17:06:38 [susanisrael]
Wanted to get to know as many stakeholders as possible. IN those conversations was trying to identify a path forward. More than 30 meetings so far.
17:07:24 [susanisrael]
Peter: have responded to all messages and have told people when I would be in various cities. want to build confidence and get to know people. If i have not responded to you I apologize
17:07:35 [susanisrael]
ping me again if you want and we'll try to have a good discusison.
17:07:37 [tedleung]
tedleung has joined #dnt
17:08:17 [susanisrael]
Peter: in those meetings the area of de-identification or de-linking seemed quite promising. another topic was default settings and I don't expect to address that soon. But ,,,,
17:08:33 [Zakim]
+ +1.206.664.bbaa
17:08:45 [tedleung]
zakim bbaa is tedleung
17:08:56 [susanisrael]
de-identification is an area where people of different views think it would be helpful to work on this. advertising industry says they don't use pii and ngo's/advocates also interested.
17:08:58 [npdoty]
Zakim, bbaa is tedleung
17:08:58 [Zakim]
+tedleung; got it
17:09:35 [susanisrael]
It's important on compliance side. If it's not linked, you are not tracked, roughly speaking. So working on de-identification is somewhat like defining what tracking is. Not exact, but similar....
17:09:37 [Chris_IAB]
Zakim, Lou Mastria from DAA is here too, on the same line
17:09:37 [Zakim]
I don't understand you, Chris_IAB
17:09:53 [susanisrael]
so not surprising that what counts as not tracked/de-identified will be important.
17:10:21 [ifette]
ifette has joined #dnt
17:10:24 [kj]
kj has joined #dnt
17:10:47 [susanisrael]
peter: there may some win-wins that can happen here. de-linking may improve privacy but permit better utility for data. Could see wins for people who want to use data and people who don't want to be identified.
17:10:53 [ifette]
i get a busy signal when trying to call in
17:11:08 [ifette]
17:11:13 [susanisrael]
turns out to be related to permissible uses.
17:11:18 [bryan]
i cant dial in either
17:11:55 [susanisrael]
peter: with that as background we can see why this set of issues is important and will have to be addressed in any spec.seems a necessary step to any eventual standard
17:11:56 [David]
David has joined #dnt
17:12:01 [WileyS]
zakim, who is on the call?
17:12:01 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, samsilberman, susanisrael, schunter (muted), BrendanIAB?, dwainberg, vincent, yianni,
17:12:05 [Zakim]
... adrianba, jchester2 (muted), +1.202.331.aall, fielding, AnnaLong, dan_auerbach, BillScannell, Rigo (muted), AdamTurkel, richardweaver, +1.202.639.aarr, [CDT], +1.202.296.aass,
17:12:05 [Zakim]
... moneill2, Brooks, vinay, Craig_Spiezle, eberkower, hefferjr, +1.650.465.aaxx, Jonathan_Mayer, Chris_Pedigo, [Microsoft], johnsimpson, +1.408.349.aazz, Peder_Magee, tedleung
17:12:05 [Zakim]
IAB has Chris_IAB, peterswire
17:12:20 [WileyS]
Zakim, aazz is WileyS
17:12:20 [Zakim]
+WileyS; got it
17:12:40 [susanisrael]
peter: beyond that these issues of de-identifiication are important in their own right. have been the focus of a lot of attention--in uk and through hhs in us, and canada on healthcare side has done work on this
17:13:02 [aleecia]
Uk, health & human services, Canada, FTC - sources of other thoughts on identification
17:13:19 [ifette]
17:13:21 [aleecia]
(wow, irc lag)
17:13:23 [susanisrael]
peter: a lot of technical people who have done good work on this turn out to be in the w3c process. It may be we have some meetings and do work on this, produce some white papers for people working on this.
17:13:41 [David]
Zakim, DAvid is David_MacMillan
17:13:41 [Zakim]
sorry, David, I do not recognize a party named 'DAvid'
17:13:45 [susanisrael]
this is an area where policy makers have been confused, debates contentious, maybe we can help
17:13:47 [David]
Zakim, David is David_MacMillan
17:13:47 [Zakim]
sorry, David, I do not recognize a party named 'David'
17:13:55 [susanisrael]
peter: if good work to do here, what is our path?
17:14:19 [David]
Zakim, +1.650.465.aaxx is DAvid
17:14:19 [Zakim]
+DAvid; got it
17:14:34 [susanisrael]
peter: there was a sense, in meetings that one challenge is that people some times talk past each other, use different definitions, have different threat models, don't have common vocabulary
17:15:06 [susanisrael]
peter: so this sort of technical descriptive side seems to be something where it s positive to get conversation moving.
17:15:25 [Zakim]
17:15:30 [npdoty]
if you're calling in from one of these numbers, please identify via IRC: +1.202.331.aall, +1.202.639.aarr, +1.202.296.aass, +1.408.349.aazz
17:16:11 [susanisrael]
peter: one goal i had was to make sure i had some good technical folks from different perspectives working on this, for example, EFF, and Ed Felten. IAB chris, david wainberg will be there in person, with shane wiley on phone
17:16:39 [Zakim]
17:16:44 [jchester2]
Peter: You should have presented this first to the entire group, explain your plan then move forward. That it would make it legitimate. Instead of cherry-picking people.
17:16:46 [susanisrael]
not intended to exclude others, but wanted to make sure we have the key people in the room. This weekend got enough yeses to make sure we have range of views in room to make this worthwhile.
17:16:47 [ifette]
Zakim, Google has ifette
17:16:47 [Zakim]
+ifette; got it
17:17:39 [susanisrael]
peter: Khalid El Ahmid phd with book on subject will be in dc on that date, and morning of 17th avoids conflict with NTIA that afternoon. CDT will host. 9-12:30/12:45 EDT
17:17:57 [ifette]
Is this a short notice f2f? Sorry, just dialing in now...
17:18:02 [aleecia]
6 am pacific. Spiffy
17:18:09 [npdoty]
if you're calling in from one of these Washington DC numbers, please identify: +1.202.331.aall, +1.202.639.aarr, +1.202.296.aass
17:18:39 [susanisrael]
peter: we will scribe and have call in and open invitation for people to come physically. room holds 30-35 maybe 40. If you want to come pls send email to yanni lagos
17:18:49 [bryan]
we will attend remotely
17:19:24 [susanisrael]
peter: that's just to get a sense of the numbers. IF too many will figure out a good way to proceed. Maybe limit it to 1 person/organization, but may try other things.
17:20:08 [ifette]
Object to the flurry of short-notice meetings here...
17:20:21 [susanisrael]
peter: separately, have been working with thomas roessler about meeting in brussels when i am there jan 23-35. Not grand meeting for decisions, maybe tech meeting on de-identification. include people who will be in brussels then for dpdp or otherwise.
17:20:23 [aleecia]
So Ian was not deemed a technical expert?
17:20:56 [susanisrael]
peter: this is an informal auxiliary meeting so does not need 8 weeks notice, but will try to have a call.
17:21:15 [susanisrael]
peter: now lets talk about how i think 17th meeting will go.
17:21:56 [susanisrael]
peter: for meeting on 17th, ground rules would be to focus on descriptive discussions. focus on what de-identification is, how it works.
17:22:09 [schunter]
Zakim, unmute me
17:22:09 [Zakim]
schunter should no longer be muted
17:22:14 [susanisrael]
peter: i will consider it out of order to discuss what w3c standard should include
17:22:19 [Keith]
Keith has left #dnt
17:22:32 [susanisrael]
peter: this is intended to be technical clearing of brush around technical issues.
17:22:57 [susanisrael]
mattias: quick question. so do i understand that prupose is to make tech proposals but not put anything in spec?
17:22:59 [fielding]
aleecia, apparently neither am I
17:23:23 [Joanne]
is this meeting to work through different technical use cases?
17:23:27 [Keith]
Keith has joined #dnt
17:23:39 [susanisrael]
peter: even more careful than that. having watched debate, it's not right now to draft tech specs but a step prior to that --getting understanding of common vocabulary/use cases.
17:23:53 [BillScannell]
The 17th will be a great trust-building exercise.
17:23:59 [aleecia]
Well, I guess Google and Adobe are small players :-) I'm sure this will all work out differently next time.
17:24:10 [ifette]
am I the only one who finds the irony of proposing to have the tech meeting in Europe when many of our technical participants (most browse participants, roy, etc) are in the US?
17:24:13 [susanisrael]
peter: ability of people to talk past each other in this area is great, but there is more agreement than it seems
17:24:36 [ifette]
17:24:37 [npdoty]
I think peter's suggestion was not that he found a time that worked with all technical experts, but that there was some minimum that were available, and so it would be useful to have them meet
17:24:46 [Keith]
202.296.1883 is Keith Scarborough with ANA
17:24:59 [ifette]
nick, with a small subset not including any of the browsers i'd be surprised if we saved any time
17:24:59 [susanisrael]
peter: thought would be this is a step towards face to face in mid february. i don't have text or extra pieces in my own mind. when we hvae quality people talking about de-identification we can move toward tech drafting
17:25:02 [dsinger]
zakim, who is on the phone?
17:25:02 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, efelten, dsinger, samsilberman, susanisrael, schunter (muted), BrendanIAB?, dwainberg, vincent, yianni,
17:25:05 [Zakim]
... adrianba, jchester2 (muted), +1.202.331.aall, fielding, AnnaLong, dan_auerbach, BillScannell, Rigo (muted), AdamTurkel, richardweaver, +1.202.639.aarr, [CDT], +1.202.296.aass,
17:25:05 [Zakim]
... moneill2, Brooks, vinay, Craig_Spiezle, eberkower, hefferjr, DAvid, Jonathan_Mayer, Chris_Pedigo, [Microsoft], johnsimpson, WileyS, Peder_Magee, tedleung, Bryan_Sullivan,
17:25:05 [Zakim]
... [Google]
17:25:05 [Zakim]
IAB has Chris_IAB, peterswire
17:25:05 [Zakim]
[Google] has ifette
17:25:24 [justin_]
zakim, cdt has justin_
17:25:24 [Zakim]
+justin_; got it
17:25:25 [schunter]
17:25:26 [npdoty]
Zakim, aass is KeithScarborough
17:25:26 [Zakim]
+KeithScarborough; got it
17:25:29 [susanisrael]
peter: hope is on feb 11-13 we can try to see how far we can get in mit. responsive mattias?
17:25:35 [ifette]
npdoty, it's being referred to as "The Brussles technical meeting"
17:25:35 [fielding]
at 6am ;-)
17:25:57 [susanisrael]
peter: shifting to list of some topics. Talking to Khalid about possible topics.
17:26:20 [susanisrael]
peter: what are incentives to do de-idnetification now: privacy policy, worrry about breach, etc.
17:26:21 [npdoty]
ifette, Peter had suggested that it might also be useful for those attending CPDP to talk about technology in late January in Brussels (in addition to next week in DC)
17:26:30 [susanisrael]
peter: what are measures of risk of re-identification
17:26:44 [hober]
hober has joined #dnt
17:27:08 [susanisrael]
peter: what are roles of tech safeguards vs administrative safeguards. privacy act from 70s talks about tech, admin, physical safegurads
17:27:40 [aleecia]
It might be helpful to have a reading list to level-set prior to the focused meeting
17:27:46 [susanisrael]
peter: hashing. discussion of what anybody means by magic term of persistent identifiers.
17:27:55 [npdoty]
+1 on reading list
17:28:00 [susanisrael]
that is a potential list of things that might occupy us for 3 1/2 hr meeting.
17:28:01 [fielding]
and a wiki
17:28:21 [npdoty]
if we'd like a wiki for our WG on the home page, I can set that up
17:28:26 [aleecia]
Because to fly coast to coast for 3.5 hours, and pay full fare, I'd like to make damn sure it's useful
17:28:27 [susanisrael]
peter: this work on de-identification arose from meetings with a lot of groups including jeff chester's privacy group
17:28:34 [npdoty]
... in fact, we have that set up for Privacy in general, and could set up some pages there
17:28:43 [jchester2]
That's not true, Peter. You asked for a general meeting with US NGOs. That's what the Privacy Coalition meeting in DC was about. You should have done this differently.
17:28:43 [justin_]
17:28:54 [aleecia]
+ 1 nick
17:28:54 [susanisrael]
peter: now public discussions that start next thursday. still in remedial state of seeing how to get chat to work.
17:28:55 [efelten]
It would also be useful to know who the technical experts are who will be there.
17:29:18 [justin_]
17:29:19 [jmayer]
17:29:24 [susanisrael]
peter: i apologize that i talk better than mulitask and my irc channel went dead.
17:29:26 [aleecia]
Request reading list by Saturday
17:29:36 [schunter]
thx for the help for me (I guess I forgot all about Zakim over the holidays).
17:29:41 [schunter]
17:29:47 [schunter]
ack jmayer
17:29:51 [aleecia]
(on bus, so not going to speak)
17:29:52 [justin_]
ack jmayer
17:29:53 [rigo]
ack ri
17:29:56 [schunter]
Zakim, unmute me
17:29:56 [Zakim]
schunter should no longer be muted
17:30:16 [peterswire]
peterswire has joined #DNT
17:30:32 [susanisrael]
jmayer: had a question about attendance. I understand that many members of group might be there but can organizations bring in software engineers and tech staff.
17:31:02 [bryan]
limited to W3C member organizations, right?
17:31:19 [susanisrael]
peter: want more phds and fewer jds, so yes. not trade secrets of companies but work through issues that concern companies.
17:31:23 [aleecia]
Are press invited or barred?
17:31:38 [justin_]
We don't have room for press :)
17:31:47 [bryan]
IPR policy would be a concern otherwise - as technical solutions are being discussed
17:31:49 [aleecia]
You don't have room for participants
17:31:51 [susanisrael]
peter: is it limited to w3 member organizations? staff might help but i think it could be someone there on behalf of an organization
17:32:01 [jchester2]
It needs a larger venue that CDT.
17:32:08 [aleecia]
I'm fine with that
17:32:18 [susanisrael]
peter: press? i would have expected it to be on same basis as other calls.
17:32:19 [justin_]
As am I, we were just trying to help!
17:32:21 [rigo]
zakim, mute me
17:32:21 [Zakim]
Rigo was already muted, rigo
17:32:22 [npdoty]
action: doty to set up wiki page for sharing reading list / technical papers on deidentification
17:32:22 [trackbot]
Created ACTION-347 - Set up wiki page for sharing reading list / technical papers on deidentification [on Nick Doty - due 2013-01-16].
17:32:26 [rigo]
ack ri
17:32:30 [aleecia]
Just wanted clarity (fine with no press, that is. Also fine with larger venue)
17:32:36 [susanisrael]
peter: if count gets to 50 in next few days will look for another venue
17:32:40 [susanisrael]
peter: other questions?
17:32:51 [aleecia]
17:32:52 [Zakim]
17:32:55 [rigo]
zakim, unmute me
17:32:55 [Zakim]
Rigo should no longer be muted
17:32:57 [susanisrael]
Peter: if no other questions or comments, turn this over to Mattias.
17:33:01 [aleecia]
Could someone raise that?
17:33:09 [justin_]
17:33:19 [justin_]
17:33:25 [susanisrael]
mattias: when you post you should describe goals and initial definitions would be helpful
17:33:32 [aleecia]
Thanks, Matthias -- if we could get a list of reading by sat
17:33:33 [jmayer]
Would be great to hear who the technical experts in attendance will be. Would be a shame if it's the same cast of policy and law characters. Would enjoy a deep engineering chat.
17:33:43 [susanisrael]
justin: there was agreement on irc that agenda and reading in advance would help
17:33:45 [aleecia]
That would help us all start with uniformly higher clue
17:33:49 [npdoty]
Zakim, agenda?
17:33:49 [Zakim]
I see 8 items remaining on the agenda:
17:33:50 [Zakim]
1. Next steps for compliance [from npdoty]
17:33:50 [Zakim]
2. Action items [from npdoty]
17:33:50 [Zakim]
3. Revised exceptions approach [from npdoty]
17:33:50 [Zakim]
4. multiple first parties [from npdoty]
17:33:50 [Zakim]
5. updates to JS API [from npdoty]
17:33:50 [Zakim]
6. Service Providers [from npdoty]
17:33:50 [Zakim]
7. Pending Review [from npdoty]
17:33:51 [Zakim]
8. Open issues [from npdoty]
17:34:00 [npdoty]
Zakim, who is on the phone?
17:34:00 [Zakim]
On the phone I see npdoty, aleecia (muted), IAB, Joanne, jeffwilson, dsinger, samsilberman, susanisrael, schunter, BrendanIAB?, dwainberg, vincent, yianni, adrianba, jchester2
17:34:04 [Zakim]
... (muted), +1.202.331.aall, fielding, AnnaLong, dan_auerbach, BillScannell, Rigo, AdamTurkel, richardweaver, +1.202.639.aarr, [CDT], KeithScarborough, moneill2, Brooks, vinay,
17:34:04 [Zakim]
... Craig_Spiezle, eberkower, hefferjr, DAvid, Jonathan_Mayer, Chris_Pedigo, [Microsoft], johnsimpson, WileyS, Peder_Magee, tedleung, Bryan_Sullivan, [Google]
17:34:04 [Zakim]
IAB has Chris_IAB, peterswire
17:34:04 [Zakim]
[CDT] has justin_
17:34:04 [Zakim]
[Google] has ifette
17:34:08 [susanisrael]
peter: a couple of initial docs would be hhs guidance and ico guidance that i mentioned and i will send around links
17:34:11 [aleecia]
& nick, thanks for adding them to the wiki
17:34:26 [susanisrael]
mattias: what do we do with open items on compliance spec. Pause and push again?
17:34:32 [justin_]
Can we deal with this on the next call?
17:34:33 [rigo]
17:34:39 [rigo]
ack ri
17:34:42 [aleecia]
Please do not close & recreate, but Peter dropped
17:34:51 [jmayer]
Off to Admin Law. Until next week...
17:34:59 [Zakim]
17:35:25 [susanisrael]
mattias. we need to decide soon what to do with open items on compliance spec-can discuss offline
17:35:29 [susanisrael]
peter: yes, offline
17:35:39 [peterswire]
peterswire has joined #dnt
17:35:48 [npdoty]
Zakim, take up agendum 2
17:35:48 [Zakim]
agendum 2. "Action items" taken up [from npdoty]
17:35:49 [susanisrael]
mattias: overdue action items next on agenda, will ignore compliance items and review others
17:36:10 [susanisrael]
mattias: action (343?) on nick. item 102.
17:36:14 [Zakim]
17:36:25 [peterswire]
peterswire has joined #dnt
17:36:41 [susanisrael]
npdoty: since i wrote up summary there has been active thread so i am not sure my summary on issue 112 matches what group thinks now
17:37:00 [susanisrael]
npdoty: can write up and see if there are changes. can do mine within week
17:37:15 [susanisrael]
mattias: close action, open issue bc no agreed on text
17:37:32 [susanisrael]
npdoty: just push my action out a week and i will have a proposal. not sure if only proposal
17:37:35 [aleecia]
(do we have minutes to review?)
17:37:53 [fielding]
17:37:56 [npdoty]
17:37:56 [trackbot]
ACTION-340 -- Joanne Furtsch to update on audits field proposal and any normative requirements as necessary -- due 2012-12-05 -- OPEN
17:37:56 [trackbot]
17:37:59 [susanisrael]
Mattias: ok. next action 340, update on audit fields on joanne furtsch. any news
17:38:21 [susanisrael]
joanne: iwill need a little bit of...actually thought we closed this bc fine with language in current draft of tpe
17:38:29 [susanisrael]
mattias: ok.
17:39:22 [susanisrael]
mattias: next one is 342. on me. ask for objections to new ex ception model. i will mark this as closed bc will discuss new model in a min. does not mean we agree just doesn't make sense to discuss now
17:39:31 [susanisrael]
mattias: on david action 345.
17:39:54 [npdoty]
apologies, I have responding to dsinger on my to-do list
17:40:03 [npdoty]
17:40:03 [trackbot]
ACTION-345 -- David Singer to condense non-norm examples on non-JS third parties and integrate into spec -- due 2012-12-12 -- PENDINGREVIEW
17:40:03 [trackbot]
17:40:07 [susanisrael]
dsinger: i wrote email but did not get feedback. ought to get that before close. will put it up again.
17:40:37 [susanisrael]
mattias: david resent text once. my suggestion is to put in text and can then fine tune. is non-normative text
17:40:44 [susanisrael]
dsinger: ok will integrate into text
17:40:56 [kj]
kj has joined #dnt
17:41:19 [susanisrael]
mattias: action 332 on dwainberg.
17:41:26 [npdoty]
17:41:26 [trackbot]
ACTION-332 -- David Wainberg to review TPE spec to ensure iframes are fine for exception API; if not, propose text changes -- due 2012-12-05 -- OPEN
17:41:26 [trackbot]
17:41:42 [susanisrael]
dwainberg: i did spend time on this but was a while ago. if we could push another week, i will review notes and follow up
17:41:53 [susanisrael]
mattias: ok so i think this is all the tpe related actions
17:42:04 [npdoty]
Zakim, take up agendum 3
17:42:04 [Zakim]
agendum 3. "Revised exceptions approach" taken up [from npdoty]
17:42:44 [susanisrael]
mattias: revised approach on exeptions. david has integrated into text. browser responsible for getting user preference than puts in browser for storage and may check with user if it wants
17:43:06 [schunter]
17:43:07 [npdoty]
Zakim, drop aall
17:43:07 [Zakim]
+1.202.331.aall is being disconnected
17:43:07 [adrianba]
17:43:08 [ifette]
17:43:09 [Zakim]
- +1.202.331.aall
17:43:12 [npdoty]
Zakim, drop aarr
17:43:12 [Zakim]
+1.202.639.aarr is being disconnected
17:43:12 [ifette]
to what david put in?
17:43:14 [Zakim]
- +1.202.639.aarr
17:43:17 [schunter]
ack adrianba
17:43:18 [susanisrael]
mattias: so push for later, david said we need addtional functionality and on agenda item 5 we need feedback on what david put in spec
17:43:53 [ifette]
can we get a link to the specific changed text?
17:43:57 [npdoty]
q+ to note that it's good that there are no UI requirements (but sync/async)
17:44:01 [efelten]
efelten has joined #dnt
17:44:03 [efelten]
efelten has left #dnt
17:44:06 [Zakim]
17:44:23 [susanisrael]
adrianba: i think i mentioned before but 3 points on which i have feedback. 1. need api to be able to understand whether exception granted....important bc asking owner of site to be responsible for informed consent....
17:44:40 [npdoty]
17:44:40 [susanisrael]
...they need to know if they must ask or have already asked and been granted exception
17:44:43 [Zakim]
17:44:51 [Zakim]
+ +1.202.639.bbbb
17:45:01 [susanisrael]
* cab someone else take over scribing for a while?
17:45:09 [npdoty]
scribenick: npdoty
17:45:16 [susanisrael]
adrianba: 2nd point re subdomains
17:45:23 [npdoty]
adrian: regarding subdomains, implicit parameter of the current document origin
17:45:25 [susanisrael]
*thanks nick
17:45:41 [npdoty]
adrianba: as much as I'd like that we wouldn't have to deal with subdomains, I think we will have to
17:45:48 [npdoty]
... have to deal with subdomains
17:45:58 [susanisrael]
npdoty: if you want me to take it back after a while i can scribe again after a few min
17:46:00 [npdoty]
... common out-of-band mechanism would be a cookie, which can be stored across sub-domains
17:46:30 [WileyS]
Exceptions persistence is preferred as it is at parity with the persistence of the DNT signal
17:46:32 [npdoty]
... if we don't have that capability for the exception API, then either sites will have to use both, or choose between them
17:46:55 [npdoty]
... making the exception API work in exactly the same way as cookies is going to be necessary
17:46:55 [aleecia]
Full domain will inadvertently pull in some third parties
17:47:10 [WileyS]
Aleecia - do you have examples?
17:47:13 [aleecia]
17:47:27 [npdoty]
... 3) today we have the ability to provide an array of domain strings
17:47:33 [WileyS]
That doesn't exist in the real-world. Do you have a real-world example?
17:47:46 [npdoty]
... when I request an exception, I can say that it's for a certain domain
17:47:47 [aleecia]
It does -- apple
17:47:57 [npdoty]
... currently optional, has a huge amount of complexity
17:48:04 [ifette]
+1 to adrianba
17:48:11 [npdoty]
... Microsoft, since it's optional, would ignore
17:48:19 [rigo]
aleecia, all outreach measuring in Germany is done by that reports to a common third party. So the third party uses a subdomain of the content provider
17:48:20 [WileyS]
Aleecia, are you saying there are locations where apple is being captured as a sub-domain on another 1st party site?
17:48:55 [npdoty]
... when your list changes, do you have to call it again with the full list? requires the site to manage complexity
17:49:07 [npdoty]
... would prefer to remove it completely
17:49:10 [dsinger]
hm, to adrian, it's optional on both sides, so if it's too complex for you on either side, don't use it. can you post your questions to the list?
17:49:11 [aleecia]
* can cover third parties like google or adobe, who provide analytics
17:49:12 [Zakim]
+ +1.646.666.bbcc
17:49:21 [ifette]
17:49:27 [npdoty]
... otherwise like the direction we're moving in
17:49:34 [aleecia]
We've covered this in compliance
17:49:40 [WileyS]
Aleecia, so are you saying there is a "" domain in the real-world?
17:49:49 [efelten_]
efelten_ has joined #dnt
17:49:49 [aleecia]
17:50:06 [Chapell]
Chapell has joined #DNT
17:50:15 [schunter]
17:50:16 [WileyS]
David Singer - can you comment on Aleecia's claim? Is there a "" domain that your company current supports?
17:50:24 [dsinger]
I think anything that is is under a legal SP relationship with apple (I don't actually know for certain)
17:50:26 [npdoty]
ack npdoty
17:50:26 [Zakim]
npdoty, you wanted to note that it's good that there are no UI requirements (but sync/async)
17:50:31 [susanisrael]
scribenick: susanisrael
17:50:37 [johnsimpson]
17:50:47 [rigo]
WileyS: see my example, this is the way outreach is measured in Germany
17:50:58 [schunter]
Questions that are open:
17:51:04 [schunter]
- exact set of JS APIs
17:51:06 [WileyS]
Aleecia, so if its a service provider, is that okay to you that exceptions to the host domain cover their service providers as well?
17:51:09 [schunter]
- Sync vs async APIs
17:51:14 [susanisrael]
npdoty: i appreciated that when david integrated this he eliminated ui requirements, but making api synchronous demands that user not show interactive ui and don't know why we would foreclose
17:51:15 [schunter]
- Handling of subdomains
17:51:32 [WileyS]
Rigo, I'm very familar with Germany's approach - but I don't believe that's what is being discussed here.
17:51:34 [aleecia]
What I'm saying is, let's not break that as possible, and also not rely on * all being foo
17:51:36 [dsinger]
the user agent is no longer *required* to confirm; it still may
17:51:42 [susanisrael]
....i think this is worse than old approach since user will no longer be confirning that user wants to send dnt 0.
17:51:58 [susanisrael]
.....i think it would cast doubt on what dnt 0 means
17:52:06 [schunter]
17:52:06 [WileyS]
Aleecia, as a company that would like to actually implement the W3C's version of DNT, I believe * is going to be necessary.
17:52:12 [schunter]
ack ifette
17:52:19 [fielding]
aleecia, if service providers are considered third parties, there is no incentive for siloing data by first party
17:52:21 [susanisrael]
*nick should i continue or are you scribing again?
17:52:41 [susanisrael]
ifette: agree with adrian's 3 points...
17:53:08 [susanisrael]
...there is a general trend in new apis to try to get away from asynchronous apis which are more complex to implement
17:53:37 [susanisrael]
ifette: if site is confirming, browser should store, no reason to be asynchronous.
17:53:57 [schunter]
17:54:12 [dsinger]
17:54:13 [WileyS]
+1 to Ian on site driven exception process (default)
17:54:26 [susanisrael]
ifette: think we need to keep it as model where site asks on its own real estate and explains why it is asking exception. no tsaying browsers can't confirm but don' thave to. synchronous api makes more sense
17:54:27 [schunter]
Opinion/Question: The DNT header is the only normative transmission mechanism for DNT;0 (i.e., the values returned by JS are only indicative)
17:54:33 [rigo]
I agree with Nick that a specification should not foreclose the browser confirming the storage of an exception
17:54:39 [npdoty]
it wouldn't just be the default though, it would make it impractical to implement a UI that confirmed
17:54:57 [aleecia]
I'm not sure we ought ask for reimplementations, Roy, but if you think your customers are up for it, you'd know better than I do. Is google also in? If we add "everything under *.acme must be acme," I'm fine
17:55:05 [susanisrael]
mattias: i think whatever comes back from javascript just responses on whether script was received. permission management is only about values you may or may not send.
17:55:23 [aleecia]
That would simplify a lot of problems
17:55:35 [tlr]
I'd expect objections against that from a lot of corners.
17:55:47 [dsinger]
17:55:53 [dsinger]
ack schunter
17:55:54 [schunter]
ack schunter
17:55:55 [susanisrael]
....i would go for synchronous too
17:55:56 [schunter]
ack dsinger
17:56:01 [aleecia]
Then expect me to object to treating *.acme as axiomatically first party
17:56:18 [fielding]
aleccia, ownership is irrelevant to privacy controls; I cannot even confirm your assumption regarding adobe and apple
17:56:22 [susanisrael]
dsinger: i think synchronous ok but harder for UA to confirm what user wants to do.
17:56:22 [npdoty]
17:56:32 [aleecia]
(cannot understand david)
17:56:49 [susanisrael]
....if really anal about it could hold request while confirms with user but doesn't mean api must be aynchronous.
17:56:58 [WileyS]
David - are you speaking on a speaker phone? Hard to hear you clearly...
17:57:03 [fielding]
17:57:05 [aleecia]
We've discussed this at length, months ago. My info comes from this grou
17:57:05 [susanisrael]
dsinger: leads to complication for browser
17:57:05 [schunter]
David says that user agent can reconfirm with user before actually acting on a JS request from a site. Thus sync API should be OK.
17:57:31 [susanisrael]
* thanks schunter
17:57:44 [dwainberg]
I'm having a very hard time understanding david
17:57:51 [susanisrael]
dsinger: if too complicated for browser to implement don't do it
17:58:01 [susanisrael]
hard to understand dsinger--voice is muffled
17:58:05 [aleecia]
And I'm not sure why you think ownership is irrelevant... But I suspect we're into a very different discussion there
17:58:19 [schunter]
[this comment was for aiming at the explicit/explicit lists: they are optional on both sides]
17:58:28 [schunter]
17:58:32 [aleecia]
If *.foo is not always foo, but we treat it as if it is, we're failing
17:58:35 [schunter]
ack npdoty
17:58:44 [susanisrael]
dsinger: could lead to users declining. understand caution about requiring browser confirmation but should permit it
17:58:57 [johnsimpson]
Cannot understand David
17:58:59 [Zakim]
17:59:18 [susanisrael]
npdoty: will try to respond to dsinger and repeat some
17:59:28 [aleecia]
The only way out of that is to put all liability on the first party, but that's not going to happen.
17:59:49 [ifette]
17:59:49 [susanisrael]
....1> synchronous version of api ok bc if browser wants to confirm could do after and revoke if necessary
17:59:55 [ifette]
so you lie to the site?
17:59:57 [ifette]
that's nuts
18:00:03 [WileyS]
Aleecia, if a domain holder claims * as their own, then I think we're on the same page. A domain holder should not request a full * exception if they don't manage all the sub-domains associated with the core domain.
18:00:03 [aleecia]
18:00:03 [susanisrael]
npdoty: preferable
18:00:05 [ifette]
"Yes, I have stored your request, but not really"
18:00:30 [schunter]
semantics: "Yes, I received your request and I started processing it".
18:00:47 [schunter]
"once the processing is completed, I will act on the outcome"
18:00:49 [susanisrael]
npdoty: other reason for specific lists is that user might not approve request that would cover all trackers.
18:01:02 [susanisrael]
....this was way to get more users to grant exceptions.
18:01:11 [kj]
kj has joined #dnt
18:01:19 [susanisrael]
...if ua not the one requesting exception then maybe thats not relevant
18:01:21 [fielding]
aleecia, control is the relevant issue -- the domain ownership has no relation to the companies that touch data via that domain. The only thing ownership states is who can map the address to a new destination.
18:01:38 [tlr]
fielding has it exactly right
18:01:47 [Zakim]
18:01:50 [npdoty]
the http cookie spec doesn't demand that the UA store every cookie, does it?
18:02:27 [susanisrael]
schunter: would like to close this discuss, feeling we may have consensus. no strong objection to synchronous API. Nick should also check whether his semantics covered in spec. May create issue, post resolution then close again.
18:02:32 [dsinger]
suggest (a) make sure the spec. does not preclude 'pending' the request while getting confirmation (b) adding the 'does my exception stand' APIs
18:02:36 [ifette]
npdoty, if the cookie isn't stored then we see sites using other fingerprinting which is not really a practice we want to encourage
18:02:42 [dan_auerbach]
I'm still inclined to prefer async for reasons Nick notes, though as I understand David's point, that strikes me as a reasonable alternative
18:03:03 [dsinger]
18:03:06 [susanisrael]
schunter: explicit/explicit. should have explicit. if browsers find too complext don't need to implement (david's point)
18:03:06 [schunter]
18:03:20 [npdoty]
ifette, do you think that's a reason for IETF to update the cookie spec to demand that all cookies be stored, even if the user/UA doesn't want them?
18:03:25 [ifette]
I've yet to hear any UA say that they intend to implement the specific-specific
18:03:32 [susanisrael]
dsinger: i should take action to make sure UA not precluded from confirming request.
18:03:43 [fielding]
npdoty, RFC6265 has a MAY ignore the Set-Cookie
18:03:54 [ifette]
npdoty frankly yes, i think cookie blocking has gotten us into a far worse state from the stance of transparency and user control
18:04:23 [dsinger]
action: dsinger to ensure that the exception APIs do not preclude the UA from pending the set to get user approval
18:04:24 [trackbot]
Created ACTION-348 - Ensure that the exception APIs do not preclude the UA from pending the set to get user approval [on David Singer - due 2013-01-16].
18:04:25 [susanisrael]
schunter: jscript api --will discuss in a minute. all on item 5 on agenda.
18:04:26 [npdoty]
ifette, well, that's a good thing for us to take up with Adam Barth and others, eh?
18:04:39 [ifette]
npdoty i have to pick my battles
18:04:47 [dsinger]
action: dsinger to propose 'does my exception stand' APIs for both site and web exceptions
18:04:47 [trackbot]
Created ACTION-349 - Propose 'does my exception stand' APIs for both site and web exceptions [on David Singer - due 2013-01-16].
18:04:47 [schunter]
18:04:48 [susanisrael]
schunter: keep new approach, people can generally live with it.
18:04:52 [dsinger]
ack dsinger
18:04:55 [schunter]
ack dsinger
18:04:58 [aleecia]
We have an unsolved issue that I will object strongly to
18:05:11 [npdoty]
Zakim, agenda?
18:05:11 [Zakim]
I see 8 items remaining on the agenda:
18:05:13 [Zakim]
1. Next steps for compliance [from npdoty]
18:05:13 [Zakim]
2. Action items [from npdoty]
18:05:13 [Zakim]
3. Revised exceptions approach [from npdoty]
18:05:13 [Zakim]
4. multiple first parties [from npdoty]
18:05:13 [Zakim]
5. updates to JS API [from npdoty]
18:05:13 [Zakim]
6. Service Providers [from npdoty]
18:05:13 [susanisrael]
.....schunter: item 6--multiple parties on site.
18:05:14 [Zakim]
7. Pending Review [from npdoty]
18:05:14 [Zakim]
8. Open issues [from npdoty]
18:05:17 [ifette]
aleecia, which?
18:05:17 [npdoty]
Zakim, take up agendum 4
18:05:17 [Zakim]
agendum 4. "multiple first parties" taken up [from npdoty]
18:05:25 [susanisrael]
....roy started proposing text.
18:05:31 [susanisrael]
can roy recap?
18:05:57 [aleecia]
(and I just got 2 pages of irc lag. Catching up)
18:06:08 [susanisrael]
fielding: original qu was how do we indicate in response protocol that there are multiple 1st parties on a site or page. Can we? answer was not in current spec
18:06:24 [susanisrael]
....proposal was to give an array of links that answers who first party is.
18:06:39 [npdoty]
as I understand it, the new issue would be a correspondence to issue-181, regarding multiple first parties in the Compliance doc
18:07:15 [susanisrael]
fielding: david asked when this would occur. think this is us getting rusty over break. many co-branded promotional sites.
18:07:35 [susanisrael] these cases more than one real first party receives data entered on site.
18:07:52 [Zakim]
18:08:02 [susanisrael]
solution fairly simple. haven't heard complaints re needing identifier for site.
18:08:18 [susanisrael]
....for service provider this is no harder ...
18:08:27 [npdoty]
18:08:35 [susanisrael]
schunter: my impression also is that this was fairly uncontested.
18:08:37 [schunter]
18:08:39 [fielding]
18:08:40 [schunter]
ack npdoty
18:08:50 [susanisrael]
schunter: who likes/dislikes?
18:09:11 [susanisrael]
npdoty: does this replace policy representation? or have both first party and policy and have them mean different things?
18:09:26 [peterswire]
peterswire has joined #DNT
18:09:32 [susanisrael]
fielding: latter. Like creative commons. 1st party link would simply identify first party
18:09:35 [schunter]
Basically this untangles policy and first party (that used to be intermingled9.
18:09:36 [schunter]
18:09:41 [susanisrael]
npdoty: thanks, understand now.
18:09:55 [npdoty]
right, I now see why we want to untangle those two.
18:10:26 [susanisrael]
schunter: other feedback? no? so suggest roy update spec with issue 190 next to text in spec then i will ask if there are objections, ok?
18:10:36 [susanisrael]
schunter: if no objections we will close issue 190
18:11:01 [npdoty]
action: fielding to update tpe regarding multiple first parties, per proposal in action-328
18:11:01 [trackbot]
Created ACTION-350 - Update tpe regarding multiple first parties, per proposal in action-328 [on Roy Fielding - due 2013-01-16].
18:11:14 [npdoty]
Zakim, agenda?
18:11:14 [Zakim]
I see 8 items remaining on the agenda:
18:11:16 [Zakim]
1. Next steps for compliance [from npdoty]
18:11:16 [Zakim]
2. Action items [from npdoty]
18:11:17 [Zakim]
3. Revised exceptions approach [from npdoty]
18:11:17 [Zakim]
4. multiple first parties [from npdoty]
18:11:17 [Zakim]
5. updates to JS API [from npdoty]
18:11:17 [Zakim]
6. Service Providers [from npdoty]
18:11:17 [Zakim]
7. Pending Review [from npdoty]
18:11:17 [Zakim]
8. Open issues [from npdoty]
18:11:21 [npdoty]
Zakim, take up agendum 5
18:11:21 [Zakim]
agendum 5. "updates to JS API" taken up [from npdoty]
18:11:28 [susanisrael]
schunter: closes item no 6 on agenda. No 7 is update to jscript API. couple of changes, first to move dnt property to window from navigator
18:11:50 [susanisrael] one objected. 2nd point from nick was to remove "DNT status?" since it was redundant
18:12:21 [dsinger]
18:12:22 [susanisrael]
npdoty: could call on navigator to see if will get dnt for site. now jscript should know if it has exception now without asking
18:13:01 [npdoty]
that is, it should know by checking the window.doNotTrack property what the value is for my iframe
18:13:07 [susanisrael]
dsinger: to summarize, 2 current APIs. one asks what is user preference. Other: what header would i get?
18:13:20 [susanisrael]
....different questions. we may not need to answer both.
18:13:33 [susanisrael]
dsinger: ok to discuss both
18:13:36 [npdoty]
right, I was suggesting that we don't need to be able to ask about the general preference, which I'm not sure will be a consistent concept
18:14:05 [susanisrael]
schunter: don't have notion of general preference. have header and that is preference. don't care how finegrained preference management.
18:14:11 [npdoty]
I thought fielding thought was that we did have a general preference
18:14:36 [susanisrael]
dsinger: do we delete old API and just keep one that just asks what header would i get?
18:14:44 [Zakim]
18:14:51 [efelten]
efelten has joined #dnt
18:15:14 [susanisrael]
fielding: i don't know if necessary but other API i don't understand
18:15:16 [Zakim]
18:15:26 [susanisrael]
dsinger: let's take offline, thought it was fully fleshed out
18:15:34 [susanisrael]
fielding: not in the draft
18:15:58 [susanisrael]
fielding: have APIs from amsterdam been reflected in spec?
18:16:17 [susanisrael]
dsinger: 6.6. that's the one script should be using
18:16:32 [susanisrael]
fielding: possible it's not relevant any more i have not reviewed
18:16:39 [npdoty]
dsinger, I thought the proposal was to move doNotTrack from navigator to window and drop requestDNTStatus?
18:16:49 [susanisrael]
schunter: simpler=better, and no one pushing to keep it
18:17:13 [susanisrael]
npdoty: is proposal to remove request dnt status?
18:17:23 [npdoty]
fine with me
18:17:37 [Zakim]
18:17:38 [susanisrael]
schunter: yes. will have to debug anyway, and better done in implementation than on paper
18:18:02 [susanisrael]
dsinger: not request dnt status we want to drop....navigator do not track (prompted by fielding
18:18:08 [npdoty]
is there a difference between window.doNotTrack and navigator.requestDNTStatus() ?
18:18:45 [susanisrael]
schunter: move jscript dnt status to window, remove navigator dnt
18:18:47 [fielding]
18:18:59 [susanisrael]
schunter: nick and david can you work on proposal and just do it?
18:19:24 [npdoty]
action: singer to make updates to window/navigator version of doNotTrack (with Nick)
18:19:24 [trackbot]
Created ACTION-351 - Make updates to window/navigator version of doNotTrack (with Nick) [on David Singer - due 2013-01-16].
18:19:31 [susanisrael]
schunter: second half of item 7 is while writing text david found two quesitons not answered by current api text. elaborate?
18:20:09 [susanisrael]
dsinger: api may want to respond to response re: user preference/exception grant or refusal
18:20:15 [fielding]
18:20:20 [schunter]
18:20:24 [dsinger]
18:20:24 [schunter]
ack dsinger
18:20:34 [susanisrael]
....not possible generally to find out does my exception still stand. think this is uncontroversial
18:20:35 [WileyS]
David - what is your proposal to answer those questions?
18:20:54 [WileyS]
18:20:58 [susanisrael]
schunter: suggest david update spec to answer those 2 questions
18:21:19 [npdoty]
I'm not sure I see the value in a separate API to answer those questions (separate from whether I have a DNT:0)
18:21:22 [susanisrael]
shane wiley: david, how were you expecting to answer those questions, which i think are valid
18:21:44 [susanisrael]
dsinger: want to write api that answers with simple yes/no
18:22:03 [schunter]
setter + getter
18:22:07 [susanisrael]
dsinger: confirm webwide exception, confirm site exception.....
18:22:30 [fielding]
I think it would be best if we get the current state (as believed by David and Nick and whoever else has proposals for the API) in the draft and then ask for a review of editors draft
18:22:33 [susanisrael]
schunter: david and/or nick can you update to include this change?
18:22:40 [susanisrael]
...then we can debug
18:22:42 [npdoty]
action: singer to write a confirm-exception-still-exists api
18:22:42 [trackbot]
Created ACTION-352 - Write a confirm-exception-still-exists api [on David Singer - due 2013-01-16].
18:22:42 [dsinger]
action: dsinger to design the 'confirm exceptions' APIs
18:22:42 [trackbot]
Created ACTION-353 - Design the 'confirm exceptions' APIs [on David Singer - due 2013-01-16].
18:22:52 [npdoty]
close action-352
18:22:52 [trackbot]
Closed ACTION-352 Write a confirm-exception-still-exists api.
18:23:06 [npdoty]
action-352: duplicate, see action-353
18:23:06 [trackbot]
Notes added to ACTION-352 Write a confirm-exception-still-exists api.
18:23:19 [fielding]
Note that first-party array will change this text.
18:23:37 [susanisrael]
schunter: would like to spend 4 min max on item 8. had many discussions on service providers, discussed that sp often not visible. does david's text make sense?
18:23:42 [npdoty]
Zakim, take up agendum 6
18:23:42 [Zakim]
agendum 6. "Service Providers" taken up [from npdoty]
18:23:44 [Zakim]
18:23:56 [susanisrael]
schunter: roy would you update to include first party array
18:24:04 [npdoty]
agree that we need that update
18:24:18 [susanisrael]
schunter: if you like direction, just account for first party array, we can take up updated text
18:24:35 [susanisrael]
fielding: don't necessarily like direction, but can do it
18:24:38 [WileyS]
Makes sense - will be important that there be a single first party array that all entries in the array can reference (even if across domain origin boundaries)
18:24:39 [npdoty]
action: fielding to update Service Providers proposal to incorporate first-party array
18:24:39 [trackbot]
Created ACTION-354 - Update Service Providers proposal to incorporate first-party array [on Roy Fielding - due 2013-01-16].
18:24:56 [npdoty]
18:24:56 [trackbot]
ISSUE-112 -- How are sub-domains handled for site-specific exceptions? -- open
18:24:56 [trackbot]
18:25:04 [npdoty]
18:25:05 [susanisrael]
schunter: what are next steps on subdomains (don't want to take up agenda items 9/10
18:25:07 [schunter]
18:25:15 [schunter]
ack WileyS
18:25:18 [schunter]
ack npdoty
18:25:19 [susanisrael]
.....opinions on subdomains?
18:25:36 [Zakim]
18:25:44 [aleecia]
Thank you, Shane
18:25:49 [dsinger]
18:25:55 [npdoty]
18:25:59 [schunter]
ack dsinger
18:26:00 [susanisrael]
wileys: active discussion on list/irc. subdomains must be supported in wildcard and other(?) context
18:26:03 [aleecia]
(trying to keep up here through lag)
18:26:13 [Zakim]
18:26:35 [susanisrael]
dsinger: aware there was side conversation in irc today but did not follow
18:26:41 [susanisrael]
wileys: will work with david
18:26:52 [WileyS]
Sounds good
18:27:06 [susanisrael]
schunter: suggest david makes proposal, sends to shane and aleecia see what comes back, ok?
18:27:19 [aleecia]
Happy to work with Shane & david
18:27:36 [fielding]
18:27:39 [susanisrael]
dsinger: posted jan 7
18:28:02 [susanisrael]
schunter: repost pls?
18:28:25 [susanisrael]
npdoty: i thought there was not agreement and people did not want to use cookie model
18:28:30 [dsinger]
18:28:38 [peterswire]
peterswire has joined #DNT
18:28:46 [WileyS]
Nick - what do you mean by "the cookie model"? That sub-domains be supported in exception recordings?
18:28:49 [susanisrael]
schunter: i think opinion has changed. adrian pointed out people feel they must use cookie model though they don't like it
18:28:58 [Zakim]
- +1.646.666.bbcc
18:29:13 [susanisrael]
npdoty: will take offline. will take my action on 112 to write up model not like cookies.
18:29:27 [efelten_]
efelten_ has joined #dnt
18:29:30 [tlr]
I suggest to pick either cookie model or same-origin model. Most importantly, don't add another model.
18:29:35 [npdoty]
WileyS, sorry, "cookie model" is too brief
18:29:46 [tlr]
Among the two, I'd recommend against the cookie model. But that's just me.
18:29:46 [dsinger]
the cookie model has the ugly problem of public suffixes
18:29:49 [Zakim]
18:29:56 [Zakim]
18:29:58 [susanisrael]
schunter: thanks, we did more than i expected. let's keep this pace. peter and i will synch and post agenda, happy new year.
18:30:03 [npdoty]
I thought there was support for the document origin model, which wouldn't automatically include all subdomains
18:30:07 [Zakim]
18:30:08 [Zakim]
18:30:08 [Zakim]
18:30:10 [Zakim]
18:30:14 [Zakim]
18:30:16 [Zakim]
18:30:17 [aleecia]
Nick, I think so
18:30:18 [Zakim]
18:30:20 [Zakim]
18:30:20 [Zakim]
18:30:21 [Zakim]
18:30:21 [rigo]
zakim, unmute me
18:30:21 [Zakim]
Rigo was not muted, rigo
18:30:24 [Zakim]
18:30:25 [tedleung]
tedleung has left #dnt
18:30:25 [Zakim]
18:30:27 [tlr]
dsinger, I *hope* that's where we end up...
18:30:30 [Zakim]
18:30:37 [Zakim]
18:30:38 [tlr]
just from a technical sanity perspective :)
18:30:41 [WileyS]
Nick - I'm open in either direction. If origin model, then wildcards will need to be supported.
18:30:44 [Zakim]
18:30:45 [Zakim]
18:30:45 [Zakim]
18:30:46 [Zakim]
18:30:46 [Zakim]
18:30:46 [Zakim]
18:30:47 [Zakim]
- +1.202.639.bbbb
18:30:48 [Zakim]
18:30:51 [Zakim]
18:30:52 [npdoty]
rrsagent, draft minutes
18:30:52 [RRSAgent]
I have made the request to generate npdoty
18:30:52 [Zakim]
18:30:52 [Zakim]
18:30:55 [npdoty]
Zakim, drop IAB
18:30:55 [Zakim]
IAB is being disconnected
18:30:57 [Zakim]
18:31:04 [Zakim]
18:31:08 [johnsimpson]
johnsimpson has left #dnt
18:31:10 [peterswire_]
peterswire_ has joined #DNT
18:31:36 [Zakim]
18:31:41 [Zakim]
18:31:45 [Zakim]
18:31:46 [npdoty]
Zakim, list attendees
18:31:46 [Zakim]
As of this point the attendees have been +1.510.859.aaaa, npdoty, +1.408.674.aabb, aleecia, +1.212.380.aacc, +1.212.380.aadd, +1.415.520.aaee, peterswire, Chris_IAB, Joanne,
18:31:49 [aleecia]
Who is that?
18:31:50 [Zakim]
... Lmastria_DAA, +1.703.265.aaff, +1.609.310.aagg, efelten, jeffwilson, +1.781.482.aahh, dsinger, +1.215.286.aaii, samsilberman, schunter, +1.646.801.aajj, BrendanIAB?, dwainberg,
18:31:50 [Zakim]
... +1.202.587.aakk, vincent, susanisrael, jchester2, adrianba, +1.202.331.aall, yianni, +1.714.852.aamm, AnnaLong, fielding, +1.301.351.aann, +1.650.787.aaoo, Rigo,
18:31:54 [Zakim]
... +1.646.827.aapp, BillScannell, +1.703.438.aaqq, +1.202.639.aarr, +1.202.296.aass, AdamTurkel, richardweaver, dan_auerbach, +1.678.580.aatt, Brooks, +1.415.728.aauu, vinay,
18:31:54 [Zakim]
... Craig_Spiezle, moneill2, +1.646.654.aavv, +1.813.366.aaww, hefferjr, Jonathan_Mayer, Chris_Pedigo, eberkower, [Microsoft], +1.310.392.aayy, +1.408.349.aazz, Peder_Magee,
18:31:58 [Zakim]
... johnsimpson, +1.206.664.bbaa, tedleung, WileyS, DAvid, Bryan_Sullivan, ifette, justin_, KeithScarborough, +1.202.639.bbbb, +1.646.666.bbcc, Ted_Leung
18:31:58 [Zakim]
18:31:58 [Zakim]
18:32:06 [aleecia]
Who is bill scanell?
18:32:14 [Zakim]
18:32:24 [aleecia]
Georgia tech, elsewhere?
18:33:49 [aleecia]
EMC, it seems
18:34:53 [npdoty]
Zakim, bye
18:34:53 [Zakim]
leaving. As of this point the attendees were +1.510.859.aaaa, npdoty, +1.408.674.aabb, aleecia, +1.212.380.aacc, +1.212.380.aadd, +1.415.520.aaee, peterswire, Chris_IAB, Joanne,
18:34:53 [Zakim]
Zakim has left #dnt
18:34:55 [npdoty]
rrsagent, bye
18:34:55 [RRSAgent]
I see 8 open action items saved in :
18:34:55 [RRSAgent]
ACTION: doty to set up wiki page for sharing reading list / technical papers on deidentification [1]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: dsinger to ensure that the exception APIs do not preclude the UA from pending the set to get user approval [2]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: dsinger to propose 'does my exception stand' APIs for both site and web exceptions [3]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: fielding to update tpe regarding multiple first parties, per proposal in action-328 [4]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: singer to make updates to window/navigator version of doNotTrack (with Nick) [5]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: singer to write a confirm-exception-still-exists api [6]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: dsinger to design the 'confirm exceptions' APIs [7]
18:34:55 [RRSAgent]
recorded in
18:34:55 [RRSAgent]
ACTION: fielding to update Service Providers proposal to incorporate first-party array [8]
18:34:55 [RRSAgent]
recorded in
18:34:57 [Zakim]
... Lmastria_DAA, +1.703.265.aaff, +1.609.310.aagg, efelten, jeffwilson, +1.781.482.aahh, dsinger, +1.215.286.aaii, samsilberman, schunter, +1.646.801.aajj, BrendanIAB?, dwainberg,
18:34:57 [Zakim]
... +1.202.587.aakk, vincent, susanisrael, jchester2, adrianba, +1.202.331.aall, yianni, +1.714.852.aamm, AnnaLong, fielding, +1.301.351.aann, +1.650.787.aaoo, Rigo,
18:35:02 [Zakim]
... +1.646.827.aapp, BillScannell, +1.703.438.aaqq, +1.202.639.aarr, +1.202.296.aass, AdamTurkel, richardweaver, dan_auerbach, +1.678.580.aatt, Brooks, +1.415.728.aauu, vinay,
18:35:02 [Zakim]
... Craig_Spiezle, moneill2, +1.646.654.aavv, +1.813.366.aaww, hefferjr, Jonathan_Mayer, Chris_Pedigo, eberkower, [Microsoft], +1.310.392.aayy, +1.408.349.aazz, Peder_Magee,
18:35:06 [Zakim]
... johnsimpson, +1.206.664.bbaa, tedleung, WileyS, DAvid, Bryan_Sullivan, ifette, justin_, KeithScarborough, +1.202.639.bbbb, +1.646.666.bbcc, Ted_Leung