16:53:42 RRSAgent has joined #dnt 16:53:42 logging to http://www.w3.org/2013/02/06-dnt-irc 16:53:49 Zakim, this is 87225 16:53:50 ok, npdoty; that matches T&S_Track(dnt)12:00PM 16:53:55 Zakim, who is on the phone? 16:53:56 On the phone I see +1.646.654.aaaa 16:55:03 aleecia has joined #dnt 16:55:28 dwainberg has joined #dnt 16:55:50 +Aleecia 16:56:00 agenda? 16:56:07 rvaneijk has joined #dnt 16:56:19 jeffwilson has joined #dnt 16:56:38 Zakim 646 654 is eberkower 16:56:39 +??P46 16:56:47 -??P46 16:56:52 +rvaneijk 16:56:59 Zakim, aaaa is eberkower 16:56:59 +eberkower; got it 16:57:00 zakim, 646.654.aaaa is eberkwer 16:57:01 sorry, eberkower, I do not recognize a party named '646.654.aaaa' 16:57:09 dsinger__ has joined #dnt 16:57:20 zakim, aaaa is eberkower 16:57:20 sorry, aleecia, I do not recognize a party named 'aaaa' 16:57:33 ...? 16:57:37 +[IPcaller] 16:57:39 zakim, [IPCaller] is me 16:57:39 +moneill2; got it 16:57:45 + +1.703.861.aabb 16:57:57 zakim, aabb is jeffwilson 16:57:57 +jeffwilson; got it 16:58:01 +dsinger 16:58:03 dsinger__ has joined #dnt 16:58:19 Yianni has joined #DNT 16:58:19 peterswire has joined #dnt 16:58:38 JC has joined #DNT 16:58:55 +dwainberg 16:59:03 +npdoty 16:59:10 zakim, who is on the phone? 16:59:10 On the phone I see eberkower, Aleecia, rvaneijk, moneill2, jeffwilson, dsinger, dwainberg, npdoty 16:59:12 +yianni 16:59:13 :-( I'll be doing the transit run soon too (why I type more than talk now) but I'm sorry to hear your voice is gone, David 16:59:19 robsherman has joined #dnt 16:59:20 +[Microsoft] 16:59:29 +Peter_Swire 16:59:32 + +1.919.388.aacc - is perhaps AnnaLong? 16:59:52 AnnaLong has joined #dnt 17:00:03 Wileys has joined #DNT 17:00:18 felixwu has joined #dnt 17:00:27 +[IPcaller] 17:00:34 jchester2 has joined #dnt 17:00:34 hefferjr has joined #dnt 17:00:37 nick: i'm 404.385.3279 17:00:41 vincent has joined #dnt 17:00:41 + +1.212.571.aadd 17:00:47 +Keith_Scarborough 17:00:50 johnsimpson has joined #dnt 17:00:50 zakim, ipcaller is Walter 17:00:51 +Walter; got it 17:00:56 justin_ has joined #dnt 17:01:01 vinay has joined #dnt 17:01:01 jmayer has joined #dnt 17:01:04 robsherman has joined #dnt 17:01:09 Somebody appears to be on a train? 17:01:13 zakim, aadd is WileyS 17:01:16 +WileyS; got it 17:01:16 +vincent 17:01:20 Peter-4As has joined #dnt 17:01:25 +[CDT] 17:01:28 volunteer to scribe? 17:01:32 kulick has joined #dnt 17:01:35 +vinay 17:01:55 + +44.772.301.aaee 17:01:56 + +1.310.292.aaff 17:01:59 +Jonathan_Mayer 17:02:06 scribe: yianni 17:02:12 phildpearce has joined #dnt 17:02:14 scribenick: Yianni 17:02:14 bryan has joined #dnt 17:02:15 Peter: George Ivy on the phone 17:02:21 s/Ivy/Ivie/ 17:02:23 +hefferjr 17:02:30 ...Peter is contacting by email 17:02:36 zakim, aaff is johnsimpson 17:02:36 +johnsimpson; got it 17:02:43 +[Microsoft.a] 17:02:50 zakim, mute me 17:02:50 johnsimpson should now be muted 17:02:50 zakim, [Microsoft.a] is me 17:02:51 Zakim, mute Yianni 17:02:51 +adrianba; got it 17:02:53 yianni should now be muted 17:02:56 + +1.202.331.aagg 17:03:04 zakim, mute me 17:03:04 adrianba should now be muted 17:03:06 Keith has joined #dnt 17:03:07 sidstamm has joined #dnt 17:03:11 yes 17:03:12 Peter: preview for Boston face to face 17:03:15 +bryan 17:03:19 + +1.212.972.aahh 17:03:24 +Peder_Magee 17:03:25 + +1.650.391.aaii 17:03:37 ...there are URLs and slides sent around for second portion of today's call 17:03:46 ...some of that exceeded the size limits 17:03:50 +[Mozilla] 17:03:53 Zakim, Mozilla has sidstamm 17:03:53 +sidstamm; got it 17:03:59 ...Nick put into IRC, put in the URLs for second half of today 17:04:09 slides for homomorphic: http://www.w3.org/2011/tracking-protection/homomorphic.dnt.pdf 17:04:10 http://www.w3.org/2011/tracking-protection/homomorphic.dnt.pdf 17:04:19 susanisrael has joined #dnt 17:04:19 ...In terms of Boston, send some URLS for things are useful 17:04:23 +SusanIsrael 17:04:24 hwest has joined #dnt 17:04:27 measuring ad effectiveness, from FPF: http://www.w3.org/2011/tracking-protection/measuring.fpf.docx 17:04:27 yrlesru has joined #DNT 17:04:30 zakim, aiii is robsherman 17:04:30 sorry, robsherman, I do not recognize a party named 'aiii' 17:04:39 ...for agenda will add more: Monday uses, Tuesday de-identification 17:04:50 +hwest 17:04:56 zakim, aaii is robsherman 17:04:56 +robsherman; got it 17:05:17 ...Editors, Yianni, W3C staff followed his advice to get to normative language 17:05:18 Zakim, aahh is George_Ivie 17:05:18 +George_Ivie; got it 17:05:31 ...focus is on bare bones, what is actually called for in the spec 17:05:41 + +1.503.264.aajj 17:05:42 ...what are remaining issues to get to last call 17:05:51 where is barebones spec? 17:05:51 Zakim, aajj is schunter 17:05:51 +schunter; got it 17:05:59 ...please review other language to figure out how to assign action items 17:06:02 George has joined #dnt 17:06:10 + +1.202.835.aakk 17:06:14 ...list of 48 people of knowledge of coming 17:06:22 ...contact Nick if you are not on the list 17:06:24 Brooks has joined #dnt 17:06:25 Marc_ has joined #DNT 17:06:26 +Brooks 17:06:33 ...if you have topics to raise, the chair will consider 17:06:41 The stripped down compliance spec (Bare Bones) is here: http://www.w3.org/2011/tracking-protection/drafts/CambridgeBareBones.html 17:06:46 ...if you have language for barebones, get that to Heather and Justin 17:06:48 ((202) 835-9810 - Marc 17:06:50 thx 17:06:54 ...question or comments on Boston? 17:06:56 q? 17:06:57 q+ 17:07:11 Chapell has joined #DNT 17:07:11 ninjamarnau has joined #dnt 17:07:15 Zakim, aakk is Marc_ 17:07:15 +Marc_; got it 17:07:20 kj has joined #dnt 17:07:25 dsinger has joined #dnt 17:07:32 Aleecia: make sure that others are aware that a blizzard is supposed to hit on Friday night and Saturday 17:07:40 ...she is now cancelling trip 17:07:46 +ninjamarnau 17:07:53 +[Apple] 17:07:56 ...cannot afford to get stuck in Chicago and Boston 17:07:58 -dsinger 17:08:08 Boston is good at dealing with snow. Hopefully everything will be close to normal by Sunday. 17:08:09 Peter: will circulate weather to the list 17:08:11 zakim, [apple] has dsinger 17:08:11 +dsinger; got it 17:08:22 eberkower has joined #dnt 17:08:22 + +1.646.666.aall 17:08:33 Peter: Is George Ivie on the phone 17:08:47 Topic: Media Ratings Council 17:08:50 my understanding of weather prediction in ne was less clearcut as of this morning. There will be some kind of bad weather in ne but they weren't sure how bad it would be. 17:08:51 ...we are now going to hear from George 17:09:08 George: wanted to explain the role and process of Media Ratings Council 17:09:18 ...prepared a brief slide deck to guide through discussion 17:09:23 ...background of organization 17:09:29 Susan that's what's frustrating - this could all be fine. But if I'm going to get hotel & airfare back, I need to act today on the best info I have. Grrrr. 17:09:30 ...intersection of MRC and privacy 17:09:36 susanisrael, what I'm hearing is that the most reliable model says that it'll be very bad in Boston, but other models are not in agreement - I imagine it'll be a game time decision for a lot of us 17:09:43 was planning to fly out on saturday 17:09:53 which deck are we looking at? 17:09:57 ...help illustrate better the kinds of this they do to fulfill there function 17:10:00 ...going into slides 17:10:07 http://www.w3.org/2011/tracking-protection/homomorphic.dnt.pdf 17:10:08 Media Rating Council, George Ivie, on list today 17:10:11 +BerinSzoka 17:10:19 ...slide 3, histry of MRC 17:10:23 the homomorphic URL is scheduled for about 12:45 17:10:29 direct link to George's slides: http://lists.w3.org/Archives/Public/public-tracking/2013Feb/att-0012/MRC_Background_--_W3C_and_DNT_1_.pdf 17:10:31 hwest, you're probably better informed re boston. I was listening to ny area radio this morning. Weather will be friday night into saturday. I'm planning to take the train. 17:10:37 + +1.613.797.aamm 17:10:49 BerinSzoka has joined #DNT 17:10:56 ...people claimed to manipulate audience resource and got congress' attention 17:10:58 that was me just joining 17:11:05 ...looked into how media was measured in United States 17:11:36 ...help set advertising rates in program, big input on how content flows to the public 17:11:56 ...nexus because broadcast media was licensed for public, wanted fairness in ratings 17:12:13 ...hearings lasted 6 years, and government concluded that there should be regulation on how media is measured 17:12:25 ...make sure how content flows is based on real measurements 17:12:38 ...government recommended system of self regulation 17:12:47 ...dealt with broadcast radio 17:13:00 ...now media because scope has grown 17:13:27 ...administrate a voluntary process for measurement to get accredited 17:13:44 ...organization must agree to five sub bullets on page 3 17:14:28 ...Pay MRC for cost of audits, conducted by independent CPA form, MRC does not make money on audit 17:14:42 ...process is confidential, audit does not go to the public 17:14:51 ...work with members to ensure quality measurement 17:14:57 ...public only sees seal of approval 17:15:08 ...Slide 4, mission statement 17:15:09 +??P66 17:15:15 -rvaneijk 17:15:17 ...unaltered since 1960s 17:15:23 Chris Mejia of IAB just joined via blocked number 17:15:25 negative indicators -> useless. but the audit financial structure is cool 17:15:33 Zakim, ??P66 is Chris_IAB 17:15:33 +Chris_IAB; got it 17:15:42 magee2023263538 has joined #dnt 17:15:46 ...Bottom of slide is the seal that organization can use when they meet the standard 17:16:04 ...Slide 5, list of member organizations 17:16:12 +rvaneijk 17:16:16 ...145 members of MRC (as big as they have ever been) 17:16:22 sorry for joining late - where is deck? 17:16:29 ...they represent all facets of media business that rely of quality of media measurement 17:16:34 MRC deck circulated in mailing list today from swire 17:16:37 http://lists.w3.org/Archives/Public/public-tracking/2013Feb/att-0012/MRC_Background_--_W3C_and_DNT_1_.pdf 17:16:56 ...companies they audit like Neilson or allbritton, cannot be members, they essentially regulate 17:17:08 ...slide 6, types of measurement products they audit 17:17:24 ...Allbritton on the list, a measurer of radio 17:17:49 ...television, radio, print, interenet, outdoor are all a part 17:18:04 ...on the left, have been approve and have the seal 17:18:15 ...on the right, still going through all the standards to acheive the seal 17:18:25 thanks justin_ ! 17:18:32 ...slide 7, how MRC interacts with privacy 17:18:39 zakim, aall is chapell 17:18:39 +chapell; got it 17:19:08 ...Neilson recruits households to instal meters on households, they accumulate data, and they produce television ratings 17:19:17 ...all of those homes have opted-in 17:19:27 +jchester2 17:19:34 zakim, mute me 17:19:34 jchester2 should now be muted 17:19:34 ...MRI, Allbritton, it happens in all companies that they have audited 17:19:55 ...in the internet realm, you still have legacy (metered, opt-in process), but also have more passive ways to track 17:20:06 ...track by using a cookie, what ads people are exposed to 17:20:17 ...MRC is not a privacy policy organization 17:20:30 ...standards of MRC do not talk about standards of privacy, not experts in that 17:20:49 ...we do not set privacy focused standards 17:21:00 ...audits mandate some form of retention of data, not driven by privacy 17:21:05 +David_MacMillan 17:21:11 ...driven by users of data being informed when errors are made 17:21:32 We should discuss the cross-platform assessment of users, such as via: http://www.measurementnow.net/support-the-mrc.html 17:21:34 +??P17 17:21:36 David_MacMillan has joined #dnt 17:21:39 ...standards require that if you make mistakes, you need to reformulate data, so data must be retained 17:21:40 How long? 17:21:48 ...some companies say they cannot retain data for privacy purposes 17:21:53 yrlesru has joined #DNT 17:22:04 ...good example is click, if MRC says data must be retained for a year 17:22:23 ...if company says we cannot retain it at all, MRC says you do not have to retain if they have a legitimate reason 17:22:30 That's cool 17:22:33 laurengelman has joined #dnt 17:22:36 ...do not need to retain data that puts you at privacy difficulties 17:22:39 +??P19 17:22:40 Privacy policy > MRC retention standards. 17:22:44 The MRC system needs to be evaluated in terms of the data collection practices of the digital marketing industry. 17:22:50 So auditors do not require any retention period longer than the org has 17:22:53 ...consider organization privacy policies more important than MRC standards 17:23:06 ...general want retention of measurement data for 1 year 17:23:13 Zakim, ??P19 is laurengelman 17:23:13 +laurengelman; got it 17:23:15 ...MRC is about quality of measurement, not privacy 17:23:30 ...slide 8, types of things MRC deals with 17:23:41 ...cell phones versus land line phones, how do you sample 17:23:44 Some time ago we debated whether MRC mandates data collection and retention despite privacy controls. Looks like we have a definitive answer. 17:23:51 ...how to incentive people to participate in surveys 17:24:07 Yianni- to clarify for the record, George did not say that privacy policies are "more important" (but that's what you wrote) - he didn't use those words 17:24:38 Zakim, yrlesru is Frank Dawson 17:24:38 I don't understand 'yrlesru is Frank Dawson', yrlesru 17:24:39 ...slide 9 for new media 17:24:56 We should review: http://www.measurementnow.net/faqs.html 17:24:58 ...take an ad campaign tag it and see how many people were exposed to it 17:25:09 ...summarized issue on right of the slide 17:25:27 ...for user-centric most of it is opt-in 17:25:42 ...common issues are for al organizations 17:25:50 ...these are the areas we concentrate 17:25:54 q? 17:25:58 ...that is the general backgrond, do people have questions 17:26:05 q- 17:26:09 q+ 17:26:13 Peter: going to ask questions first, then people can get on the queue 17:26:15 (wasn't ack'ed from before) 17:26:19 Zakim, yrlesru is FrankDawson 17:26:19 sorry, yrlesru, I do not recognize a party named 'yrlesru' 17:26:33 Peter: Audit function- someone bought a certain things and was it delivered? 17:26:49 ...might have more like general market research, wat are race and age characteristics 17:26:57 ...are some of these audits and others market research? 17:27:06 George: we audit media research 17:27:20 ...do not answer general census data 17:27:30 David_MacMillan_ has joined #dnt 17:27:40 ...we audit a product that tracks or gains an understanding of media uses, what do people watch, listen on the radio 17:27:55 ...what internet websites do they visit, what billboards do they see when driving to work 17:28:03 Chris-IAB, He didn't say more important, but he did say that self-imposed retention limitations for privacy reasons trump the MRC's retention requirements. 17:28:10 Zakim, ??P17 is probably Frank_Dawson 17:28:10 +Frank_Dawson?; got it 17:28:12 +q 17:28:18 ...most of them are samples, standard- sample must represent population being measured 17:28:42 ...we audit the controls around the measurement and methodology as well 17:28:56 Zakim, is yrlesru here 17:28:56 yrlesru, you need to end that query with '?' 17:29:03 Peter: timing - period that a measurement is in the field, a campaign, is that days, weeks, months? 17:29:13 Zakim, is yrlesru here? 17:29:13 yrlesru, I do not see Yrlesru anywhere 17:29:23 q? 17:29:32 George: it varies. television and radio are in periods 17:29:40 ...could be a 6 or 7 day period or a 30 day period 17:29:55 Peter: survey around online? 17:30:09 Zakim, P17?? is Frank_Dawson 17:30:09 sorry, yrlesru, I do not recognize a party named 'P17??' 17:30:15 George: in digital realm it is very different, the length of campaigns are determined by marketers 17:30:26 q? 17:30:29 ...example, marketing campaign to sell a car, start 2 months out 17:30:30 Zakim, ??P17 is Frank_Dawson 17:30:30 I already had ??P17 as Frank_Dawson?, yrlesru 17:30:46 ...track campaign for entire life cycle, can track every month, week, or daily 17:30:58 ...it can be customized based on marketers demand 17:31:12 ...A month or 2 months is on the long side of a campaign 17:31:19 ack jmayer 17:31:20 ...sale at target could be 2 days before the sale 17:31:21 This is highly informative 17:31:24 q? 17:31:24 q? 17:31:42 Jonathan: Had debates on the issue of whether MRC requires certain forms of data collection or retention 17:31:55 ...rather they are general practices or give way to rules around consumer privacy 17:31:59 zakim, unmute me 17:31:59 jchester2 should no longer be muted 17:32:03 it is not unusaly for online campaigns run for more than 4 months 17:32:06 Zakim, Wileys is part of [Yahoo!] 17:32:06 I don't understand 'Wileys is part of [Yahoo!]', Wileys 17:32:17 oops, unusual 17:32:23 q+ 17:32:28 Zakim, Wileys is [Yahoo!] 17:32:28 +[Yahoo!]; got it 17:32:29 ...just wanted to confirm that MRC follows that when privacy concerns conflict with retention, privacy concerns trump ordinary business of tracking and retaining data 17:32:46 George: you are correct, mainly comes up in more passive tracking enviornment 17:32:52 David_MacMillan has joined #dnt 17:32:52 s/retention/collection and retention/ 17:32:59 kulick is part of [Yahoo!] 17:33:03 right, in the active panel market research approach won't generally have a user opt-out conflict 17:33:05 ...in everyone, we say they can follow organizational privacy concern 17:33:16 ack jchester 17:33:35 Jeff Chester: can you talk about the 3MS? initiative? 17:33:36 Zakim, kulick is [Yahoo!] 17:33:36 sorry, kulick, I do not recognize a party named 'kulick' 17:33:43 q? 17:33:53 ...can you talk about view of viewable impression? 17:34:03 George: very large topic, try to summarize 17:34:17 ...3MS was an initiative started by major trade association in media business 17:34:39 ...wanted to do was try to make digital advertising enviornment more effective 17:34:52 ...try to allign to make more measureable with other media measurement 17:35:11 ...in television only count ads that are viewed 17:35:37 ...because of technology implementation, there were no technology to determine whether someone actually saw the ad (below the fold) 17:35:50 this link jchester pointed out earlier is a helpful FAQ: http://www.measurementnow.net/faqs.html 17:35:55 ...people still paid for the ad, but the ad may have been served outside viewable space 17:36:11 ...if you want to measure digital, you had to make viewable (needed the technology) 17:36:30 ...people are using technics that they embed that determines whether ad is viewable 17:36:49 ...industry made a recomendation that we change currency from served ads to viewable ads 17:37:07 ...3MS used a large consulting firm and lots of participants, and have turned over project to MRC 17:37:08 q? 17:37:16 q+ 17:37:21 ...MRC is taking viewable content and making it operable in ecosystem 17:37:33 ...we are setting the standard of viewable, leading this now 17:37:49 ...we are aligned with this concept that ads should be monitized when viewed 17:38:10 ...another of 3MS how to do cross media standards 17:38:13 Not I 17:38:13 no audio problems here 17:38:22 npdoty: it is probably just you 17:38:29 ...basically background on project, have to have inteligent about page that you have not had before 17:38:32 it drops, but not in a very noticable way 17:38:34 audio has been fine for me 17:38:39 ...does not have any personal information about who is accessing page 17:39:14 zakim, mute me 17:39:14 jchester2 should now be muted 17:39:30 the FAQ seemed to suggest that it did include data about the audience: "Digital GRPs will be based on viewable impressions and reflect age, gender and ethnicity demographics, with ability to add further demo and behavioral targeting." 17:39:39 Chris: IAB, question with regard to details of Jonathans question 17:39:50 Yes. thanks Nick! 17:39:51 ...talked about auditing, a little less on accrediting side 17:40:13 ...Jonathan is refering to debate that when user opted out (DNT=1) 17:40:20 -Frank_Dawson? 17:40:24 +q 17:40:28 q+ 17:40:32 ack Chris_IAB 17:40:33 ...Jonathan is talking about idea that we would not do any data collection on that user for any purposes 17:40:51 That's not true. I have never suggested Do Not Track would eliminate all data collection. 17:41:01 Not "none" --- the Stanford/EFF proposal allowed for a fair amount of data collection. 17:41:12 ...you would shorten time of retention versus not collecting data at all and not being accountable in the market 17:41:34 Chris_IAB, that is what *no one* is talking about. 17:41:35 George: generally you do not see organizational policy that we will not track at all, not what MRC runs into in practce 17:41:36 q? 17:41:58 q+ 17:41:58 ...we should limiting of tracking of certain types of information, personally identifiable information or historical records of how cookies interact with people 17:42:07 +??P17 17:42:13 Q? 17:42:15 ...policies that are focused on sensitive information and generally what comes up with data retention 17:42:39 q+ 17:42:46 ...we do not see that we are tracking general ad impression, generally those are allowed to be tracked by privacy policy 17:42:52 ...have never runned into that concern 17:43:12 special meaning to "raising pen"? 17:43:17 it might be hard to speculate, but I wonder if an organization has a privacy policy to drop data from a certain set of users (or some fraction of the data from those users), whether it would still be in compliance with MRC audit requirements 17:43:17 ...there is sensitive information (we audit cable organization- what you watch on tv can be sensitive) 17:43:32 He wants to rebut Chris_IAB's mischaracterization of his position. 17:43:39 ...we respect stringent privacy policies for sensitive data 17:43:43 peterswire: it means that Jonathan wants to interject a question 17:44:33 can we let Jonathan finish? 17:44:41 Jonathan: step 1. One of the proposals in the group has not been to cease all data collection 17:44:57 ...that collection aligns with how MRC sees more senstive data 17:45:13 ...example, ad shows up on website, website can retain the fact that ad was displayed 17:45:16 wow, Jonathan: maybe you could try just a little not to make this personal and accuse people of misrepresenting you? For example, you might say, "Excuse me, but I think I haven't made my point quite clear. Let me try again." That's how adults communicate 17:45:31 ...lets suppose all of that is allowed to be retained, but all other information about user cannot be retained 17:45:34 please keep comments focused on substance, online and in voice 17:45:45 ...if DNT was to go so far, would that impression information still be okay 17:45:50 Jonathan: what you suggest is not possible 17:45:50 q? 17:45:51 ...no one has suggested that is off the table 17:46:00 q 17:46:07 q? 17:46:09 could we get an answer to Jonathan's question? 17:46:14 Um, what happened to my question? 17:46:17 Peter: could you help me understand, financial audits 17:46:29 jonathan?what happened to answer to 17:46:29 ...is there another realm of people doing financial audits? 17:46:34 if you store granular data that includes discreet identifiers they are inhernently linkable 17:46:38 indeed, I haven't heard an answer 17:46:41 +q 17:46:44 George: yes, we do not measure financial information, we measure audience 17:46:56 ...others do financial audits, did they get what they paid for 17:47:15 well, Jonathan's still in the queue: perhaps he can ask succinctly when it comes back around 17:47:15 ...Advertiser makes an investment of $100 million ad campaign, go to ad agency 17:47:28 ...tell impression of each media type, then ad agency executes 17:47:34 Peter: who should we go to? 17:47:50 George: association for online advertising for companies that do that (do not remember the name) 17:48:11 ...companies audit that the company spent $100 million, did they get the impression, should there be refunds (MRC does not do) 17:48:17 q? 17:48:44 ack peterswire 17:48:47 ack brooks 17:49:16 Brooks: okay to ask, what is the importance of those types of audits and the typical information that needs to be kept 17:49:26 we have ad association folks here; do they have a sense of what organization is in place for financial audit standards? are there other standards for us to be aware of? 17:49:30 ...purchasing for specific locale need IP information 17:49:30 I have to run to class. Here's a recap of my question: If Do Not Track were to mean a company can collected impression data (e.g. ad X was shown on site Y at time Z) but cannot collect user-specific data (e.g. no unique IDs, no IP address), would that be OK? Nobody in the group has advocated anything so restrictive, but if I understood the previous comment, Do Not Track could go that far and still align with MRC rules. 17:49:42 George: there are traditional media companies that do auditing he previous mentioned 17:49:52 jmayer: I'm going to rephrase your question anyway 17:49:52 ...in digital world, there are ad verification services 17:49:59 DoubleVerify and the like . . . 17:50:06 ...paid to follow digital advertising and see if ad met certain terms and conditions 17:50:19 ...it did not appear in harmful media enviornemnts (DIsney on a porn website) 17:50:28 q? 17:50:33 ...MRC does do audits of that sort, even wrote the standard 17:50:43 q- 17:50:47 q- 17:51:01 ...for tracking of whether certain terms and conditions are met (ex. geo-location to appear in US) 17:51:08 q+ 17:51:21 Brook: when you do that type of audit, you need to retain things like IP address (show ad did not show up in RUssia) 17:51:25 George: that is correct 17:51:33 Aleecia: 3 questions 17:51:49 ...first, are there any cases where you have required data retention for one years 17:51:58 Geroge: no, we have a standard for a year 17:52:16 Aleecia: we do not distinguish content like children data (senstitive data a part of ) 17:52:20 -Marc_ 17:52:31 ...if we limiting data rentetion data for 6 weeks, would that be a problem? 17:52:44 George: it would be a sever problem for the industry, not a problem for me 17:53:05 ...should recognize the difference between sensitive data and non-sensitive data 17:53:11 Yianni, not a "server" problem, a "severe" problem 17:53:14 for the record 17:53:22 -q 17:53:25 do MRC standards/audits explain what they consider sensitive or not sensitive? 17:53:31 s/sever problem/severe problem/ 17:53:39 Yianni, please note your typo above-- it's important for the record - thanks :) 17:54:14 Aleecia: if we decided to limit data (no IP adresss, no user id) 17:54:31 George: would not afffect auditing, but would hurt the system 17:54:34 npdoty, thanks! 17:54:46 ...people would not believe in the value of the ad because there is no intellligence around it 17:55:35 ...Not saying it has to be personal information, but they has to be intelligence around transaction to know that it has value 17:55:56 They will want to know about individuals and their behavior. 17:55:58 Aleecia: could have a count of this many people in this area code without having IP address 17:56:18 George: throwing out hypos, but not saying you need IP address. 17:56:22 -schunter 17:56:31 ...personally he does not feel they are not that sensitive 17:56:37 David_macmillan has joined #dnt 17:56:37 @Yianni, shall I take over scribing? 17:56:38 given the work done by our next speaker, we are going to shift to that part after this 17:56:41 yianni, i think george said he's not saying you DON'T need ip address 17:56:55 Yea, you can take over scribing 17:57:02 scribenick: BerinSzoka 17:57:24 jchester2, I don't think he's saying they need to measure cross-site behavior on an individual basis. He's saying the individual information is useful on measuring each separate client. 17:57:45 s/on/in 17:57:50 q- 17:57:55 ack aleecia 17:58:01 George: for the example of search marketing ... stricter privacy polices, and I can audit to that policy 17:58:08 -robsherman 17:58:10 +1, thanks very much George! 17:58:12 OK, I'm taking over scribing now... 17:58:24 thank you George 17:58:29 Useful link - Re: ClickFraud or Impression fraud, I have seen IP + user-agent + referral used to detect valid clicks and valid impression here: http://www.adometry.com/publishers-ad-networks/click-forensics/index.php 17:58:48 http://www.w3.org/2011/tracking-protection/homomorphic.dnt.pdf 17:59:03 Topic: Khaled, Homomorphic Encryption 17:59:05 -George_Ivie 17:59:08 scribenick: BerinSzoka 17:59:30 Starting now Dr. Khaled El Emam, Canada Research Chair in Electronic Health Information CHEO Research Institute and University of Ottawa http://ehip.blogs.com/about.html 17:59:53 slides not available during call 18:00:34 To summarize so I remember this later: as per George, 1 year is max retention for their audits; they could audit if we capped all retention to 6 weeks; if we limited data retention or collection to aggregate data they could audit to that. However, George strongly notes this may not be a good idea for the industry: just because they can do the audits does not mean it's a good idea for the ecosystem. But, there are no barriers to whatever we want to do based o[CUT] 18:00:35 requirements. (If someone else thinks we had a different dialog, please set me straight) 18:00:48 Khaled: I'm focused on problem of understanding ad effectiveness, especially matching individuals who saw an ad online, then went to an offline store--linking the two events together using a user ID 18:00:50 slides are available -- http://www.w3.org/2011/tracking-protection/homomorphic.dnt.pdf -- though not everyone may have reviewed the FPF document -- http://www.w3.org/2011/tracking-protection/measuring.fpf.docx 18:01:37 Khaled: "Salting" hashing means adding some random values to a hash to prevent it from being reidentified 18:02:27 if the unique user id isn't a unique identifier, it's possible to do frequency attacks on hash values 18:02:40 3 concerns have been expressed about using hash values for matching 18:03:07 -vinay 18:03:13 (frankly, this presentation being rather technical, I think it doesn't make sense to have a lawyer scribe it. can someone who knows this stuff better than me scribe this?) 18:03:44 any techies able to scribe? 18:03:48 3 different trust models when you have third parties involved 18:03:57 -Peder_Magee 18:04:36 second kind of trust model is "honest but curious" (passive adversary) 18:05:17 we use this model in health care because we assume public health providers are honest but curious--won't deliberately attack data 18:05:41 if data is breached, it's not a risk because it's not possible to extract PII from breach data 18:06:26 seriously, folks, I'm not qualified to scribe this. could someone else please take over? 18:06:29 aleecia, re your comment way earlier, i heard a little more nuance in what george said. 18:06:29 in the fully malicious case, the attacker may inject false data 18:06:32 scribenick: npdoty 18:06:52 Khaled: in terms of speed, matching algorithms can be scalable, but not all computations will work that way 18:07:07 thanks, nick! 18:07:23 ... homomorphic encryption is used in these secure, multi-party communications 18:07:40 ... a party can count the sum of a few numbers without knowing the numbers themselves 18:08:14 ... transform multiplications into sums, and vice versa 18:08:20 noting that walt michel has joined me in the room listening to Khaled's presentation 18:08:31 -moneill2 18:08:46 a * b equivalent to encrypted version of a + b 18:09:07 Khaled: easier in the context of encryption 18:09:21 ... if you're able to do addition and multiplication, able to do quite complex operations 18:09:33 +Chris_Pedigo 18:09:38 ... public key encryption 18:09:46 ... two different keys for encryption and decryption 18:09:52 +[IPcaller] 18:09:56 ... randomized public key encryption 18:10:03 zakim, [ipcaller] is me 18:10:04 +moneill2; got it 18:10:22 ... add a different random value to the same message each time 18:10:50 ... c1 and c2 are encryptions of the same data, but have a different result; this is different from hashing, which would return the same value on the same message 18:11:01 ... an important property because it removes the risk of frequency attacks 18:11:29 ... but decrypted we get the same original message 18:12:05 detailed. understatement of year so far :) 18:12:19 interesting stuff though :) 18:12:20 ... (more detailed than you might have expected; explaining notation) 18:12:43 -jchester2 18:12:45 -Chris_Pedigo 18:12:47 ... [encrypted version of a plain text] 18:12:58 ... [a] * [b] = [a + b] 18:13:09 ... by multiplying two encrypted numbers you can get the sum of the original values 18:13:29 ... [a]^b = [ab] 18:13:51 ... taking an encrypted value and raising it to the power of b and send it back to you, you get the product of a and b 18:14:15 ... deterministic matching between parties A and B 18:14:30 ... the result is 0 if the numbers are the same and a large random number otherwise 18:14:36 +Chris_Pedigo 18:14:47 q? 18:15:22 After this, I will want someone to tell me whether this allows companies to study users longitudinally while prohibiting them from ever tying the data set back to a user or device if they were strongly motivated to do so. 18:15:24 ... a standard protocol for two parties to determine whether the value is the same without revealing to either party what the other's number is 18:15:52 Setting aside the question of whether a collection of url streams over time is intrinsically identifying. 18:16:20 -chapell 18:16:34 ... the second party can't use frequency attacks to determine the value since the encrypted values are different (random public key encryption described above) 18:16:50 +Alan 18:17:06 ... sending the result back, once decrypted, reveals whether or not the value is the same 18:17:32 ... Paillier (slow, and patented) or Exponential Elgamal (very fast) 18:17:33 i am lost 18:18:07 ... for determining whether values match, this is very efficient, and quick to encrypt/decrypt 18:18:41 ... in a fully homomorphic scheme, you can do any number of operations, but not easily scalable and has problems of key management 18:19:16 ... (Gentry), currently not performant 18:19:34 peterswire: what are the key advantages? (slide 20) 18:20:07 ack justin 18:20:47 justin: ad networks that collect URL streams -- could hash that, but then could easily re-link those URLs to a single user 18:21:23 ... hypothetically, could send those URLs to some trusted party to do analysis, but couldn't re-link it to a cookie or unique user ID they use 18:21:38 ... is that what we could do with homomorphic encryption? 18:21:59 khaled: use case is linking two data sets with some user id, for example, between online and offline data 18:22:06 ... could be generalized to the example of matching URLs 18:22:54 khaled: data vault would generate the public keys and send to the different parties 18:23:28 ... site would encrypt its data and send encrypted data to the other party (the offline retailer, say) 18:23:59 ... retailer would do a comparison, but couldn't yet see the results 18:24:23 ... able to do this efficiently for very large data sets 18:24:35 ... retailer would send the comparison results back to the data vault 18:24:44 ... and could then tell you which records matched 18:26:07 ... can efficiently determine whether offline and online visitors were the same, without revealing to the retailer who visited the web site 18:26:23 ... only attack is if the retailer, in this example, introduces false data (like a famous person's ID) 18:26:47 ... would prohibit via contract and auditing; this is the malicious case 18:27:07 ... used for fraud protection and health data 18:27:24 ... I think it addresses all the problems previously raised with hashing 18:27:35 q+ 18:27:36 ... no practical issues for performance, encryption can be done in the browser 18:27:43 q? 18:27:47 peterswire: are there patent issues? is a license needed? 18:28:19 khaled: no, everything you would need is public. the "special sauce" is just for efficiency on large databases; these are all public techniques that have been around for years 18:28:40 justin: can you explain why the data vault is not trusted? 18:28:59 khaled: the data vault only gets match results, just 0s and random numbers, don't have access to any of the records 18:29:39 justin: for a single party, a web site wants to study whether they are return visitors, but wants to lose the ability to tie back to their own identifier 18:30:15 khaled: the topology would be different; would encrypt the data, go through a similar scheme, and use the data vault to decrypt the data in the end 18:30:30 bye all. wishing you a productive meeting in Boston! 18:30:36 peterswire: thanks to Khaled for going through a lot in a very short time 18:30:40 -laurengelman 18:30:48 johnsimpson has left #dnt 18:31:01 ... hope Justin and Khaled can follow up offline. if anyone can help translate those questions, let them know. 18:31:14 ... gone through a lot today, hope these background topics are useful for Boston 18:31:16 -[Apple] 18:31:17 ... thanks to everybody 18:31:17 -??P17 18:31:17 - +1.202.331.aagg 18:31:18 -rvaneijk 18:31:18 -Chris_Pedigo 18:31:18 -Peter_Swire 18:31:18 - +1.613.797.aamm 18:31:19 -hwest 18:31:19 -bryan 18:31:19 -dwainberg 18:31:20 -vincent 18:31:20 -[CDT] 18:31:20 -Keith_Scarborough 18:31:21 -hefferjr 18:31:21 -Aleecia 18:31:22 -moneill2 18:31:22 -eberkower 18:31:23 dwainberg has left #dnt 18:31:24 -ninjamarnau 18:31:24 -David_MacMillan 18:31:24 -[Yahoo!] 18:31:24 -adrianba 18:31:25 -[Mozilla] 18:31:25 -yianni 18:31:26 -jeffwilson 18:31:26 -johnsimpson 18:31:27 -Chris_IAB 18:31:33 Zakim, list attendees 18:31:33 As of this point the attendees have been +1.646.654.aaaa, Aleecia, rvaneijk, eberkower, moneill2, +1.703.861.aabb, jeffwilson, dsinger, dwainberg, npdoty, yianni, [Microsoft], 18:31:37 ... Peter_Swire, +1.919.388.aacc, +1.212.571.aadd, Keith_Scarborough, Walter, vincent, [CDT], vinay, +44.772.301.aaee, +1.310.292.aaff, Jonathan_Mayer, hefferjr, johnsimpson, 18:31:37 ... adrianba, +1.202.331.aagg, bryan, +1.212.972.aahh, Peder_Magee, +1.650.391.aaii, sidstamm, SusanIsrael, hwest, robsherman, George_Ivie, +1.503.264.aajj, schunter, 18:31:42 ... +1.202.835.aakk, Brooks, Marc_, ninjamarnau, +1.646.666.aall, BerinSzoka, +1.613.797.aamm, Chris_IAB, chapell, jchester2, David_MacMillan, laurengelman, Frank_Dawson?, 18:31:42 ... [Yahoo!], Chris_Pedigo, Alan 18:31:42 -[Microsoft] 18:31:52 RRSAgent, please draft minutes 18:31:52 I have made the request to generate http://www.w3.org/2013/02/06-dnt-minutes.html npdoty 18:32:08 rrsagent, make logs public 18:32:10 RRSAgent, please draft minutes 18:32:10 I have made the request to generate http://www.w3.org/2013/02/06-dnt-minutes.html npdoty 18:32:30 Meeting: Tracking Protection Working Group teleconference 18:32:34 chair: peterswire 18:32:44 scribe: yianni, npdoty 18:32:48 RRSAgent, please draft minutes 18:32:48 I have made the request to generate http://www.w3.org/2013/02/06-dnt-minutes.html npdoty 18:33:31 -npdoty 18:35:20 -SusanIsrael 18:36:39 yrlesru has joined #DNT 18:38:24 -Alan 18:45:28 -peterswire 18:56:06 kulick has joined #dnt 19:00:46 felixwu has left #dnt 19:05:56 kulick has left #dnt 19:18:49 -BerinSzoka 19:23:32 -Walter 19:42:16 -Brooks 20:01:36 -Jonathan_Mayer 21:01:34 - +44.772.301.aaee 21:03:59 schunter has joined #dnt 21:06:35 disconnecting the lone participant, AnnaLong?, in T&S_Track(dnt)12:00PM 21:06:37 T&S_Track(dnt)12:00PM has ended 21:06:37 Attendees were +1.646.654.aaaa, Aleecia, rvaneijk, eberkower, moneill2, +1.703.861.aabb, jeffwilson, dsinger, dwainberg, npdoty, yianni, [Microsoft], Peter_Swire, +1.919.388.aacc, 21:06:37 ... +1.212.571.aadd, Keith_Scarborough, Walter, vincent, [CDT], vinay, +44.772.301.aaee, +1.310.292.aaff, Jonathan_Mayer, hefferjr, johnsimpson, adrianba, +1.202.331.aagg, bryan, 21:06:39 ... +1.212.972.aahh, Peder_Magee, +1.650.391.aaii, sidstamm, SusanIsrael, hwest, robsherman, George_Ivie, +1.503.264.aajj, schunter, +1.202.835.aakk, Brooks, Marc_, ninjamarnau, 21:06:39 ... +1.646.666.aall, BerinSzoka, +1.613.797.aamm, Chris_IAB, chapell, jchester2, David_MacMillan, laurengelman, Frank_Dawson?, [Yahoo!], Chris_Pedigo, Alan 21:24:27 schunter has joined #dnt 21:41:02 schunter has joined #dnt 22:28:22 Zakim has left #dnt 23:49:14 schunter has joined #dnt