See also: IRC log
<npdoty> when Dave Singer sends regrets, he's still more likely than most to be on the call
<schunter1> Do we have a scribe for today?
<peterswire> no scribe yet - the person who had said yes cancelled
<npdoty> Peter's slides: http://lists.w3.org/Archives/Public/public-tracking/2013Jan/att-0139/wednesday_call.013011b.pptx.pdf
<dwainberg> I think I did 1/2 the call last week.
<dwainberg> maybe someone else can take a turn.
<schunter1> is it better now?
<schunter1> Let me fetch another phone. Sorry for the 1min delay.
<npdoty> scribenick: Yianni
Mathias: open action items, there
is no overdue action
... this hasn't happened for a year, thanks for everyone who has done there action items on time
... Nick doing caller identification
Nick: if you are on IRC and 202 please let us know who you are
Mathias: please register for Face to Face, no questions
Peter: Go through file send by
... second slides have some disclaimers
... slides are one person's attempt to summarize different perspectives
... these are not the views of Peter, he is trying to accurately say others arguments
... Why Peter is giving context
... trying to connect DNT to other debates in US and Europe generally
<eberkower> eberkower is 646-654.aall
Peter: DNT does not take place in
the working group, lots of other people care
... lots of interest in what can be done in multi-stakeholder, beyond technical
... support on both sides of Atlantic by leaders to create a standard
... five ways to describe what we are doing
<jchester2> Peter: can you repeat what you said about "top down" regulatory regime. Are you suggesting that this would be bad?
Peter: technical compliance
DNT=1, W3C in multistakeholder, example of multi-stakeholder
process relevant to US, relevant to global internet
... DNT success is more than a technical thing
<justin> I think "top down" is redundant in this context.
Peter: EU Data Protection
proposed in January a year ago
... Commission issued Draft Regulation, called a regulation not a directive
... a regulation applies directly to states, does not have to go through national legislatures
... beyond data protection about unifying Europe
<scribe> ...New report issued for hundreds of amendments
parliament, and council in Europe
... official negotations between 3 bodies
... Goal to get this done before Parliament ends
... June 2014 is next election
... Multi-stateholder processes work in European Union
... basic approach is that in EU you need law
... Lisbon treaty made it explicit that privacy is fundamental human right
... people in speeches said they had to pass draft regulation because of Lisbon Treaty
... Another approach: limiting data and harmonizing rules accross market that allows information to flow
... 95 directive: two discourses, limiting data and common market
... skeptism of self-regulation that industry has dominate role
... skeptism of multi-stakeholder process is there enough role for government to speak up
... there is a conflict brewing about the internet, if standard does not work with EU law
... regulation makes clear that US must comply with EU rule
... advertising served to EU will be governed by new EU rules
... DNT=0, March to have in Berlin a global consideration task force
... Peter giving personal sense, DNT=0 could be a choice mechanism in EU
... could be part of consent in EU privacy directive
... if DNT=0 was a step of showing consent, could be a one stop way for websites to handle
... debate in group, for including this in the process
... it is a world comliance organization, could enable global standard
... but do not need to define the rules accross the world
... meetings in Brussels
... meet wide range of advocate, governments, etc.
... W3C has previous met with DG Connect
... DG Connect would be very happy if we do make process
... DG Justice proposed the regulation with strong fundamental rights outlook
<npdoty> in case you missed the slides link from before... : http://lists.w3.org/Archives/Public/public-tracking/2013Jan/att-0139/wednesday_call.013011b.pptx.pdf
Albreicht - lead charge on writing amendments
... more focus on fundamental rights than with original regulation
... step towards more regulatory approaches
... Report mentions DNT in 2 places: one is amendment 105
... incentives to use pseudonymous data
<jchester2> NGOs do not consider the Albrecht amendments more rgeulatory--but better protecting privacy.
UNKNOWN_SPEAKER: section 15 german telemedia law
scribe: Another amendment is
limits on definition of profiling
... shows interest in technical measures with one stop compliance
... lots of amendment will be made to ALbreicht's proposal
... Meeting with EU Data Protection supervisor (50 full time employees)
... Hustinx? fundamental rights approach, and experience as Dutch leader
... One issue: whether users understand what they are agreeing to
... thinking about how a technical standard can sit into a legal structure
... shift to previous week in meetings in DC
... Meetings in White House, Cam Kerry in Commerce, and state department
... discussion with federal trade commission, spoke with Julie Brill
... Good set of contacts of US government people
<jchester2> Peter: Please explain what the conversation with the White House discussed.
processes: Obama has supported in domestic issues
... mobile privacy, big even at white house for DNT
... FTC has supported effective DNT, and will probably continue
... DNT=1 would be a highly visible success
... if it does not work, that would be highly visible as well
... EU privacy and data protection, US government has expressed a number of concerns
... EU has to much regulation here, US wants interoperability for global companies for global data flows
... DNT is an example of multi-stakeholder facilitating ineroperability
... If it fails, US has nothing to point to out of W3C process
... having success here could ease discussion on global data flows
... US and EU free trade agreement, trying to negotiate
... trying to remove barriers to free trade and service
... push to get regulatory interoperability and harmonization
... services and regulatory harmonization are at top of agenda for free trade negotiation
... Hard to get US and EU to pass a law
... multi-stakeholder could be a good model to buttress free trade approach
... Organization that want fewer regulatory models could get that through this process
... DNT is going to be viewed as part of broader debates
... what should the role be of ITU for Internet governance
... china, russia, iraq led the way to give the ITU more power, US rejected to top down approach
... EU members were alligned with US
... meetings in May, discussion of ITU and its role
... Position that US and EU have taken is that internet governance should emphasize bottom up multi-stakeholder processes
... they should not fall under top down process
... If there is a visible inability to use bottom up governance, what would that show?
... we need to show to success stories
... remind ourself of goals of this project
... its worth doing for its own sake, but also important for general internet governance
scribe: Any questions or comments?
Jeff Chester: who did you talk to at the white house and what did those discussion entail?
Peter: David Edelman works for
ecnomic council, also office of science and tech policy
... also spoke with Michael Froman
... brieder meeting with Gene Spurling and Jason?
<jchester2> what was the nature of the WH discussion. what was specificlaly said.
Peter: Cam Kerry in Commerce,
Ambassador Verveer in state department
... tried to give themes of what was said
<jchester2> Amb Verveer
Peter: EU/US dialogue, how US
domestic policy would be handled, tried to be pretty
... For Boston, focus on uses and delinking
... hoping we can get as far as we can on those issues
Peter: alerting that if you have
issues on those things, please let us know
... this is what we are going to try to work on
... request to editors, Heather West, Justin Brookman
... Yianni will be assisting, and David Singer will do some help as well
... hope to prepare a shorter, perhaps cleaner portion of the text
... goal of editors is not to make substantive changes
... Peter's own view, text of requirements (normative)
... text can be relative brief, and then have explanatory material
... can focus on normative language for Boston
... for Boston, trying to get people who are knowledgable about certain things to help
... example, MRC for auditing
... people in marketing research to maybe present
... German telemedia law
... encrption that can address some attacks of hashes, may have briefing on that
... Khaled has a detailed set of checklists of risks and harms
... have been working with Khaled to make list available
... this will turn out as an exercise of risks of re-identification
... own hope that people from different perspectives could work on
... could perhaps use check list to clarify where views about the world are similar
... then narrow to small list of where people's views of the world differ
... could simplify the normative discussion of how to proceed
<fielding> peterswire, I would like to see a real session on the definition of tracking and agreement on a scope for this work, preferably near start of F2F meeting
Peter: responding to Roy, why
uses are relevant
... any spec that emerges that allows security uses, but does not allow other uses
... any spec that emerges here that is so aggregate and so removed, it does not count as tracking
... no longer tracking because its aggregated, uses for security may not be tracking
... close overlap of what you get with uses and de-identification, you get close to the meaning of tracking
... tracking may be difficult to define, but could be able to with specific uses and de-identification
... Peter thinks that de-identification and uses is highly relevant to tracking
<fielding> we did that … it hasn't worked for the past year
Peter: can do so without argueing
about what the word tracking means
... for compliance part of Boston meeting, we are likely early in compliance
... maybe in opening remark on Monday with discussion of process
... lots of comments of when you need to raise objections
... hard to know when question is being called
<adrianba> why is it taking a long time to create a mailing list? isn't it easy to do?
Peter: Process, in first meeting, decorum is very important and has been pleasantly optimistic and hope to continue that in Boston
<npdoty> adrianba, apologies, that's a delay on my end
Peter: it is easy to do, we just have not figured how the annoucement would happen
<npdoty> ... but yes, I wanted to make sure the division of mailing lists would work correctly for clients
Matthias: my piece is very easy,
since we are making progress on open issues
... want to create more work
... want to look at raised issues
... pick some issues that we want to tackle them, or this is clearly out of scope
Matthias: main question, which of
these 10-15 we want to discuss in Boston and coming weeks
... others we can make candidates for closing
<npdoty> or the bottom half of this list: http://www.w3.org/2011/tracking-protection/track/issues/raised?sort=product
<aleecia> (can sort)
Matthias: this is a list of all TPE related issues, browse down half a page
<trackbot> ISSUE-161 -- Do we need a tracking status value for partial compliance or rejecting DNT? -- raised
Matthias: first 151:user agent requirement handle exception request
<trackbot> ISSUE-151 -- User Agent Requirement: Be able to handle an exception request -- raised
...means: do we want to mandate that user agents that can store exeptions
... are there oppinions on issue 151?
<fielding> we need the new text in TPE first … is that done now?
<aleecia> Required is too strong
<BrendanIAB> http://www.w3.org/2011/tracking-protection/track/issues/raised <- just the raised issues
<Wileys> Required is appropriate
<dsinger> are you asking for opinions on the issue, or opinions on whether we should take it up?
<aleecia> But having a
standard mechanism is reasonable
...means: Nick, question of whether to open this issue
<Wileys> It should be open already - or is this a duplicate of an already open issue?
<aleecia> What's the alternative to opening it?
<aleecia> Closing it?
...Matthias: don't want to go into full blown discussion, but no unanimous agreement
<npdoty> fielding, David added updated exceptions at least a couple weeks ago
<Wileys> I object to closing this issue
<aleecia> If we're talking
required, let's just close it
...Matthias: leaving it in the raised state, we could open it, or we could close it
... different oppinions and probably worth discussing in face to face
... will later open 151
<dsinger> on the issue itself, I think we have divergence of opinion, yes
<aleecia> Not low hanging fruit :-)
<trackbot> ISSUE-152 -- User Agent Compliance: feedback for out-of-band consent -- raised
...Matthias: Issue 152
... Is on when you are interacting with website that tracks you to remind you of out of band consent
<dsinger> I don't think I understand the issue.
<Wileys> As a reminder - this is a "MAY" if I remember correctly - as well as allowing Servers with communicating OOB exceptions to the UA
Nick: requirement of user agent to do something with information that it receives
<aleecia> Shane -- I can live with should, if a UA can implement (and not all can) then they should do so (for last issue) But I'm going to fight limiting what a UA can be back door this way :-)
<npdoty> personally, I don't think we need a UA requirement here
<dsinger> I don't think a UA requirement is needed
Matthias: how to notify use this website is claiming out of bound consent
<justin> agreed, npdoty
Matthias: currently no user agent requirement
<aleecia> Again I'm fine with this as optional but not required
Matthias: website tells user agent, I believe I have out of bound consent
<justin> does anyone want to argue for a UA requirement?
<dsinger> UAs should be *able* to check/inform etc., but we'll go crazy trying to work out what they must/should/may/should-not/must-not show :-(
Matthias: now require user agent to notify the users regularly
<Wileys> Aleecia, understood - as per our conversation last week I believe balance is important here. If UAs are permitted with only supporting DNT:1 and not DNT:0, then they are not W3C DNT compliant (in my opinion).
<aleecia> And coming up with a common approach for those who do would be handy
Matthias: question from Justin and Nick is if anyone is pushing this at all
<Wileys> Not pushing as a requirement - only as a "may"
<npdoty> I'm willing to draft an explanation of no-requirement, and see on the mailing list if anyone disagrees
Matthias: that user agent has to
give feedback with out of bound consent
... currently user agent can do whatever they like with the signals
<dsinger> as a piece of info, some folks are trying to inspire creation of a 'debugging UA' which exposes and checks all it can
<justin> Is a MAY even necessary?
Matthias: Nick's approach is right, I would like to open it
<justin> Or useful?
Matthias: if no one purshes, we can then close it
<npdoty> open issue-152
Matthias: openning 152, with hope it will be a quick one
<Wileys> Justin, I'm with you - not necessary - was okay with MAY if others were pushing for it
Matthias: 168 is a complex one
<npdoty> ACTION: doty to draft proposal that we close 152 with no UA requirements [recorded in http://www.w3.org/2013/01/30-dnt-minutes.html#action01]
<trackbot> Created ACTION-358 - Draft proposal that we close 152 with no UA requirements [on Nick Doty - due 2013-02-06].
Matthias: Is David on the call?
<justin> UAs MAY do lots of things, not sure we want to spell out all possibilities :)
<aleecia> Well, Shane, we'll see what happens with the formal objection. But for now, as things stand, your opinion is not the standard. I look forward to the final round off appeals
<trackbot> ISSUE-168 -- What is the correct way for sub-services to signal that they are taking advantage of a transferred exception? -- raised
Matthias: signal they are taking advantage of transfer exception
David Singer: origninal website had orignal consent, how does the transfer of than consent gets relayed back that there is a service agreement here on the third party side
scribe: it was a resulf tof Rigo's text, section 6.7 of TPE
Nick: do we agree with that text or new issue?
Singer: not sure how to show user
or user agent how to relay transfer in consent
... its a design issue, seperate from service provider flag
Matthias: wants to open this
Singer: I would like to work with Roy
<npdoty> dsinger, fielding, that sounds like an action item :)
Matthias: we need a proposal on the table, do in a small group
<fielding> I raised it.
Matthias: Issue 162 is also an
interesting one, doesn't say who raised it
... if user comes to DNT=1, and only part is compliance that is easy
<dsinger> I think this is the 'under construction' issue
<npdoty> is there a difference between 162 and 161?
Matthias: you comply, you don't comply: do we want anything more detailed
<aleecia> Should we add beta as an issue?
<moneill2> can we get a link
Matthias: will take it to hunt it down
Singer: this was the under contruction issue that we did not understand
<fielding> er, no, I did 161
<npdoty> aleecia, I think "under construction" and "beta" are both covered in issue 161
Singer: not yet done, so cannot claim complaince
Singer: compliance is not yet claimed by this site
<fielding> dsinger, it needs to be the TSV -- not a qualifier
<moneill2> link to 162?
Matthias: more detailed, writing down and taking a look at with whole group
<dsinger> I think it's worth having it as a qualifier so it doesn't obscure 1st/3rd claims
<dsinger> to Roy: but let's discuss
<aleecia> Action for david?
<trackbot> Error finding 'for'. You can review and register nicknames at <http://www.w3.org/2011/tracking-protection/track/users>.
Nick: 161 seems related to
... maybe we have a proposal from Roy
... do we need some additiona text before we can clearly discuss
Roy: just made a link, efficient
to discuss but is not exact text
... only difference is that David wanted to put more things in the qualifier category
... do not want to make this status equivalent to the server being compliant with DNT, they are not
<npdoty> maybe we need to find someone who objects to Roy's approach, and ask them to write up their concerns
<npdoty> could "P1" indicate non-compliant but working on 1st-party compliance?
Singer: problem is indication of working on being a first party site and third party site
<johnsimpson> seems to me that you're either compliant or you're not.
<aleecia> I can live with losing 1/3
Nick: Jonathan had some concerns that we need to work out
<dsinger> to John: you use this status, you are not (yet) compliant, clearly
<dsinger> I can live with losing 1/3 too, it's sad but maybe it makes the important clear
<npdoty> so the concern on 161 may just be confusion or misunderstanding
objection of Jonathan, way to implement protocal without complying, but message is saying it is not compliant
<dsinger> means "Construction in process; response headers, the well-known-resource, and compliance may be correct, or may not be; compliance is not (yet)
<aleecia> Adding a single line of this must only be used for testing might resolve Jonathan's concern
<dsinger> claimed for this site" or something like
<vincent> I think this is a different issue
Wainberg: we should hold off dealing with tech spec for claims of compliance
<justin> Or maybe just the word "only"
<dsinger> Jonathan confused this with a different issue, I fear
Wainberg: what's the different between I have not fully implemented but I intend to as opposed to I do not plan to implement
<npdoty> I don't think the proposed flag indicated a commitment to do something in the future, just that it was in progress
<dsinger> I think this is HUGELY important as it encourages people to work on bring-up, and not fear that they'll be criticized for mistakes while they are working on it
Roy: no matter what compliance doc says, you don't want the first response to DNT to be legally binding
<aleecia> This is a way for companies to disclaim not complying. It's a fine thing to do.
Matthias: It does not have any meaning at this point, may just be a fixed header
<justin> Of course, there is always the fear that parties will just stay in perpetual BETA to avoid responsibility.
Matthias: use as beta testing with example users, when you are comfortable, you will put the site in projection mode
<aleecia> I can live with either David or Roy's approach with small preference for Roy's
Wainberg: I would like to see text, this is on but it does not mean anything, so ignore it
Matthias: It is okay if Roy puts proposal in text in option block as issue 161
<dsinger> I'll concede to Roy, but I'd like to find some way to know which way the flag will be after it's turn off (1 or 3), if we can
<aleecia> Roy, could you also add a quick "this is for testing" line to address Jonathan's concern?
<justin> I think dwainberg just articulated jmayer's point for him, in absentia :)
<fielding> ACTION: fielding to make text proposal on ISSUE-161 in draft with option block [recorded in http://www.w3.org/2013/01/30-dnt-minutes.html#action02]
<trackbot> Created ACTION-359 - Make text proposal on ISSUE-161 in draft with option block [on Roy Fielding - due 2013-02-06].
Matthias: that's all from my point of view
<aleecia> It will help others understand what we're doing anyway
Matthias: is there any other topic that we have not discussed that people want to start discussing in Boston?
<fielding> aleecia, yes
Matthias: If Yes, you can contact Matthias
<aleecia> Thank you!
Matthias: issue 183: header status for Europe
<trackbot> ISSUE-183 -- Additional Tk header status value for EU -- raised
Matthias: proposal from Mike
... you raised an issue that servers would want to indicate they are in the EU
Mike: In the EU, not having a DNT set would be equivalent to DNT=1
<aleecia> May I, quickly?
Matthias: want to push for global
... I would like to discuss first in European context
... if certain part of protocal need extension, then can come back to TPE for European improvements
... Is that okay with you? (Mike - Yes)
Singer: I think it will be worth while (112, 167) - design issues
<trackbot> ISSUE-112 -- How are sub-domains handled for site-specific exceptions? -- open
<trackbot> ISSUE-167 -- Multiple site exceptions -- raised
Singer: working with Nick to work on design issues for Boston
Matthias: 168 is also another side group, does it make sense to keep 3 seperate
<Zakim> dsinger, you wanted to say we should have a design meeting on sub-domains (flag needed?) and also-applies-to lists, in Boston
<fielding> no, please no more parallel sessions
Aleecia: I'm fine with moving Mike's to global, not where server is located, what matters is where the person is located
<fielding> ditto what aleecia said, though that only applies for those of us who do business in EU
Aleecia: it only matters where the user is located
<npdoty> aleecia, moneill2, was the proposal that the flag indicated server location? or to indicate a level of compliance that would satisfy a certain EU regulation?
Aleecia: suggesting we do not add anything because user already knows where they are located
Matthias: we can close the meeting a bit earlier
<dsinger> we have the user's nationality and location, the party's nationality, service location, and probably a few more to thgro into the mix...
Matthias: I will work on a more
detailed agenda with Peter
... Monday and Tuesday for compliance, TPE for Wednesday
<Wileys> Matthias, can you send that out in email?
<Wileys> Agenda, yes
Matthias: any final remarks, questions?
Matthias: will send out a detailed agenda when Matthias has it
<Wileys> Thank you!
<fielding> note there is a process requirement on agenda
Matthias: hopefully we will have agenda by the end of the week
Peter: it depends, we can provide some more detailed things sooner, understanding that it may shift
<Wileys> Shifting is okay - document requirements are critical to know ASAP
<fielding> umm, agenda must be published before meeting … see process
Matthias: thanks and see you next week, if not in Boston
<johnsimpson> Will there be call-in arrangements?
<aleecia> Two weeks in advance for in person as I recall
Nick: will follow up with registration emails either today or tomorrow
<Wileys> Aleecia - that was my understanding as well - meaning this past Monday
This is scribe.perl Revision: 1.137 of Date: 2012/09/20 20:19:01 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/Huxting/Hustinx/ Succeeded: s/tride/tried/ Succeeded: s/Rever?/Verveer/ Succeeded: s/cann/can/ Succeeded: s/I will/I would like to/ Found ScribeNick: Yianni Inferring Scribes: Yianni Default Present: npdoty, Aleecia, +1.240.994.aaaa, peterswire, moneill2, Fielding, schunter, dsinger, BrendanIAB?, sidstamm, JeffWilson, Brooks, dwainberg, RichardWeaver, yianni, hefferjr, BillScannell, vinay, jchester2, +1.202.643.aabb, efelten_, vincent, +1.202.639.aacc, Chris_Pedigo, +33.6.08.75.aadd, +1.202.331.aaee, Marc-GroupM, [CDT], Alan, +49.173.259.aaff, +1.202.253.aagg, samsilberman, schunter1, BerinSzoka, WileyS, hwest, +1.425.614.aahh, +1.202.344.aaii, adrianba, +1.206.658.aajj, [Microsoft], kulick, David_MacMillan, MikeZ, +44.772.301.aakk, +1.646.654.aall, eberkower, johnsimpson, +1.646.825.aamm, +1.206.658.aann, +1.919.388.aaoo, marcg, AnnaLong?, SusanIsrael Present: npdoty Aleecia +1.240.994.aaaa peterswire moneill2 Fielding schunter dsinger BrendanIAB? sidstamm JeffWilson Brooks dwainberg RichardWeaver yianni hefferjr BillScannell vinay jchester2 +1.202.643.aabb efelten_ vincent +1.202.639.aacc Chris_Pedigo +33.6.08.75.aadd +1.202.331.aaee Marc-GroupM [CDT] Alan +49.173.259.aaff +1.202.253.aagg samsilberman schunter1 BerinSzoka WileyS hwest +1.425.614.aahh +1.202.344.aaii adrianba +1.206.658.aajj [Microsoft] kulick David_MacMillan MikeZ +44.772.301.aakk +1.646.654.aall eberkower johnsimpson +1.646.825.aamm +1.206.658.aann +1.919.388.aaoo marcg AnnaLong? SusanIsrael Regrets: jmayer Got date from IRC log name: 30 Jan 2013 Guessing minutes URL: http://www.w3.org/2013/01/30-dnt-minutes.html People with action items: doty fielding[End of scribe.perl diagnostic output]