IRC log of dnt on 2013-06-05

Timestamps are in UTC.

15:53:54 [RRSAgent]
RRSAgent has joined #dnt
15:53:54 [RRSAgent]
logging to
15:53:56 [trackbot]
RRSAgent, make logs world
15:53:56 [Zakim]
Zakim has joined #dnt
15:53:58 [trackbot]
Zakim, this will be
15:53:58 [Zakim]
I don't understand 'this will be', trackbot
15:53:59 [trackbot]
Meeting: Tracking Protection Working Group Teleconference
15:53:59 [trackbot]
Date: 05 June 2013
15:54:17 [npdoty]
npdoty has changed the topic to: agenda:
15:54:26 [npdoty]
zakim, this will be TRACK
15:54:26 [Zakim]
ok, npdoty; I see T&S_Track(dnt)12:00PM scheduled to start in 6 minutes
15:55:13 [npdoty]
regrets+ johnsimpson, aleecia, jmayer, peterswire, chris_iab
15:55:17 [npdoty]
chair: schunter
15:56:50 [Brooks]
Brooks has joined #dnt
15:56:52 [jackhobaugh]
jackhobaugh has joined #dnt
15:57:18 [eberkower]
eberkower has joined #dnt
15:57:47 [Zakim]
T&S_Track(dnt)12:00PM has now started
15:57:54 [Zakim]
15:57:56 [Zakim]
+ +1.202.347.aaaa
15:58:20 [jackhobaugh]
Zakim, 347.aaaa is jackhobaugh
15:58:20 [Zakim]
sorry, jackhobaugh, I do not recognize a party named '347.aaaa'
15:58:40 [fielding]
fielding has joined #dnt
15:58:56 [moneill2]
moneill2 has joined #dnt
15:58:59 [adrianba]
adrianba has joined #dnt
15:59:00 [npdoty]
Zakim, aaaa is jackhobaugh
15:59:00 [Zakim]
+jackhobaugh; got it
15:59:07 [npdoty]
regrets+ susanisrael
15:59:34 [Zakim]
15:59:48 [Zakim]
15:59:56 [moneill2]
zakim, [IPCaller] is me
15:59:56 [Zakim]
+moneill2; got it
16:00:13 [Zakim]
16:00:15 [Zakim]
16:00:21 [vinay]
vinay has joined #dnt
16:00:22 [rigo]
zakim, mute me
16:00:22 [Zakim]
Rigo should now be muted
16:00:24 [WaltMichel]
WaltMichel has joined #DNT
16:00:52 [rachel_n_thomas]
rachel_n_thomas has joined #dnt
16:00:55 [kulick]
kulick has joined #dnt
16:01:00 [justin]
justin has joined #dnt
16:01:14 [Zakim]
16:01:19 [Ari]
Ari has joined #dnt
16:01:21 [Zakim]
16:01:44 [Zakim]
16:01:45 [Zakim]
+ +1.650.595.aabb
16:01:47 [Zakim]
16:01:48 [Zakim]
16:01:54 [Zakim]
16:01:55 [Zakim]
16:01:56 [hefferjr]
hefferjr has joined #dnt
16:02:00 [npdoty]
Zakim, ??P28 is schunter
16:02:00 [Zakim]
+schunter; got it
16:02:06 [adrianba]
zakim, [Microsoft] is me
16:02:06 [Zakim]
+adrianba; got it
16:02:09 [Zakim]
16:02:13 [Zakim]
16:02:29 [kulick]
i can scribe
16:02:40 [npdoty]
scribenick: kulick
16:02:49 [kulick]
thomas: brad is too quick
16:02:55 [magee2023263538]
magee2023263538 has joined #dnt
16:02:56 [Yianni]
Yianni has joined #dnt
16:03:02 [Zakim]
16:03:12 [JC]
JC has joined #DNT
16:03:13 [Zakim]
16:03:14 [Zakim]
16:03:15 [npdoty]
16:03:29 [David_MacMillan]
David_MacMillan has joined #dnt
16:03:30 [Zakim]
16:03:38 [Zakim]
16:03:45 [Chapell]
Chapell has joined #DNT
16:03:48 [Yianni]
Zakim, mute me
16:03:48 [Zakim]
Yianni should now be muted
16:03:49 [Zakim]
16:04:15 [schunter]
schunter has joined #dnt
16:04:21 [Zakim]
16:04:30 [Zakim]
16:04:37 [Zakim]
16:04:52 [kulick]
schunter: main goals to go over all main goals to close them or make progress on them
16:05:04 [kj]
kj has joined #dnt
16:05:04 [kulick]
... end call with associated actions for all issues
16:05:24 [kulick]
... listed issues in agenda which could benefit for discussion
16:05:41 [kulick]
... next item open actions, overdue action
16:05:43 [schunter]
16:05:44 [Zakim]
16:06:06 [kulick]
... next item 312... Justin
16:06:10 [npdoty]
note we have several quite old actions that I didn't close during cleanup because I wasn't sure about the status
16:06:13 [npdoty]
16:06:13 [trackbot]
ACTION-312 -- Justin Brookman to merge financial logging language -- due 2013-04-01 -- OPEN
16:06:13 [trackbot]
16:06:14 [kulick]
... due April 1st
16:06:25 [npdoty]
I think Justin might have actually done this already :)
16:06:28 [Zakim]
+ +1.678.492.aacc
16:06:29 [WileyS]
WileyS has joined #dnt
16:06:36 [kulick]
justin: superceded by conversation
16:06:41 [ninjamarnau]
ninjamarnau has joined #dnt
16:06:42 [kulick]
schunter: closing this action
16:06:46 [kulick]
.... adrian on call?
16:06:49 [Zakim]
16:06:51 [kulick]
... action 365
16:06:53 [rigo]
trackbot, close action-312
16:06:53 [trackbot]
Closed ACTION-312 Merge financial logging language.
16:07:01 [justin]
Superseded or done, either way it can be closed.
16:07:11 [kulick]
... over
16:07:16 [npdoty]
16:07:16 [trackbot]
ACTION-368 -- Chris Pedigo to work on updated "service provider"/"processor" definition (with vinay) -- due 2013-02-27 -- OPEN
16:07:16 [trackbot]
16:07:17 [kulick]
adrian: right
16:07:24 [rigo]
trackbot, close Action-365 overtaken by events
16:07:24 [trackbot]
Sorry, rigo, I don't understand 'trackbot, close Action-365 overtaken by events'. Please refer to <> for help.
16:07:26 [kulick]
schunter: <which item?
16:08:01 [kulick]
... will send reminder to associated folks
16:08:02 [Chapell]
Shane is only on IRC
16:08:09 [npdoty]
skipping 368, 369, 375, 376, 377 for absent
16:08:13 [WileyS]
Thank you Alan
16:08:18 [npdoty]
rigo, are you on the call?
16:08:24 [rigo]
16:08:27 [rigo]
ack me
16:08:28 [kulick]
... nick, can you send reminder?
16:08:46 [kulick]
... would like clean up
16:08:51 [kulick]
who is speaking?
16:08:51 [rachel_n_thomas]
folks, the DAA Summit is taking place in DC today, so I know that a lot of folks are tied up there at the moment.
16:08:57 [kulick]
... action 405
16:09:29 [kulick]
rigo: 405 is same as <>... susan is getting decision on audience measurement.
16:09:53 [kulick]
... once feedback, need to provide text and see if addresses Jeff's FAQ
16:10:08 [kulick]
.... please keep open... i will set date to next week
16:10:19 [kulick]
schunter: next action about AU OBA guidelines
16:10:22 [kulick]
rigo: done
16:10:26 [kulick]
.... can be closed
16:10:27 [npdoty]
close action-383
16:10:27 [trackbot]
Closed ACTION-383 Ask Malcom Crompton about the Australian OBA guidelines.
16:10:33 [kulick]
not OBA guidelines in AU at the moment
16:10:51 [kulick]
schunter: done with overdue action items
16:11:05 [kulick]
... nick can you send reminder
16:11:28 [vinay]
Rigo - aren't the ADAA best practice guidelines here:
16:11:36 [kulick]
npdoty: yes, i sent some and i will continue to send. also for those we dont know if we can close.
16:11:37 [Zakim]
16:11:51 [kulick]
schunter: would appreciate delivery dates for associated open action items
16:11:56 [npdoty]
Zakim, who is on the phone?
16:11:57 [Zakim]
On the phone I see eberkower, jackhobaugh, Fielding, moneill2, WaltMichel_Comcast, Rigo, [CDT], [Adobe], +1.650.595.aabb, npdoty, schunter, kulick, adrianba, Peder_Magee, Yianni
16:11:57 [Zakim]
... (muted), David_MacMillan, [Microsoft], chapell, [Apple], +1.678.492.aacc, ninjamarnau
16:12:15 [kulick]
... issues in 3 cats
16:12:30 [Zakim]
16:12:31 [kulick]
. 1. to be discussed, 2. unclear, 3) need decision
16:12:41 [jeffwilson]
jeffwilson has joined #dnt
16:12:47 [kulick]
... issue 137, whether need service provider flag
16:13:08 [kulick]
singer: I am in process of finding my previous write ups
16:13:21 [kulick]
... conclusion: can sail without the flag if we need to
16:13:40 [kulick]
... yes, we can express what we want to thru each of the cases
16:13:42 [npdoty]
Zakim, who is making noise?
16:13:53 [kulick]
schunter: you want discussion with aleecia and jonathan
16:13:59 [Zakim]
npdoty, listening for 11 seconds I heard sound from the following: [Apple] (77%)
16:14:01 [kulick]
singer: yes, let's reopen the discussion
16:14:21 [kulick]
schunter: instead of separate call, you will discuss on the list and then call, if need be
16:14:22 [fielding]
dsinger, was that
16:14:24 [npdoty]
Zakim, drop aabb
16:14:24 [Zakim]
+1.650.595.aabb is being disconnected
16:14:25 [Zakim]
- +1.650.595.aabb
16:14:29 [npdoty]
Zakim, drop aacc
16:14:29 [Zakim]
+1.678.492.aacc is being disconnected
16:14:31 [Zakim]
- +1.678.492.aacc
16:14:37 [Zakim]
16:14:41 [kulick]
... next issue... <mnissed>
16:14:56 [npdoty]
16:14:56 [trackbot]
ISSUE-200 -- Transitive exceptions -- open
16:14:56 [trackbot]
16:14:59 [Zakim]
+ +1.650.595.aadd
16:15:04 [kulick]
issue 200
16:15:07 [Brooks_]
Brooks_ has joined #dnt
16:15:11 [Zakim]
+ +1.678.492.aaee
16:15:11 [kulick]
... trasitive exception
16:15:29 [kulick]
rigo: is 1st party recv site wide exceptions
16:15:47 [kulick]
... <behind, sorry>
16:16:10 [kulick]
... would have transitory perms for eveyone in the auction, but w/o adding to profile
16:16:11 [Brooks]
aacc is Brooks
16:16:26 [kulick]
... shane mentioned that if i have webside exception, i want to be able to add to my profiles
16:16:38 [kulick]
... only on this edge case do we have disagreement
16:17:07 [kulick]
... the text reflects the main thing that with web wide exception allows for adding tp profiles but is not inline with our proposal
16:17:14 [kulick]
... i will work on text
16:17:30 [kulick]
... about some with web wide exception can add to profile
16:17:34 [kulick]
schunter: why cant you?
16:17:45 [kulick]
... seems reasonable to do this
16:17:59 [kulick]
... why does it not work in auction
16:18:14 [WileyS]
If we equate a WW UGE to equate to OOBC then I don't see an issue here
16:18:31 [kulick]
rigo: b/c if you have user granted exc, if you have real estate on the page, transitory dont apply
16:18:32 [WileyS]
WW UGE (Web-Wide User Granted Exception) - OOBC (Out of Band Consent)
16:18:42 [kulick]
... only applies if you dont have direct access to the browser
16:18:58 [kulick]
... question is who is paying for the doubt, user or company
16:19:12 [kulick]
... shane wants user to pay, i want company to pay
16:19:25 [kulick]
schunter: there are multiple issues intermingled here
16:19:33 [kulick]
... 1 issue (missed)
16:19:45 [kulick]
... 2 what extent are you allow to store permissions
16:19:53 [Brooks]
16:19:58 [kulick]
... other opionions?
16:19:58 [npdoty]
Zakim, aaee is Brooks
16:19:58 [Zakim]
+Brooks; got it
16:20:03 [npdoty]
16:20:06 [kulick]
16:20:07 [dsinger]
dsinger has joined #dnt
16:20:09 [schunter]
ack np
16:20:18 [kulick]
nick: clrifiying question
16:20:34 [kulick]
... this case seems about where user doesnt interact with user directly
16:20:39 [kulick]
... server to server
16:21:04 [kulick]
... I thot <missed>
16:21:21 [npdoty]
one relevant email:
16:21:28 [npdoty]
Zakim, drop aadd
16:21:28 [Zakim]
+1.650.595.aadd is being disconnected
16:21:29 [kulick]
rigo: you can indirect
16:21:29 [Zakim]
- +1.650.595.aadd
16:21:57 [kulick]
... we want to avoid reprogramming all auction systems to be rewired to work for redirects
16:22:06 [schunter]
issue 1: Storage of transaction data (if you get an exception that has been transferred)
16:22:08 [Zakim]
+ +1.650.595.aaff
16:22:36 [kulick]
... we were trying to provied a kind of container
16:22:47 [kulick]
schunter: propose that we see rigo and shane's proposals
16:23:00 [npdoty]
Zakim, drop aaff
16:23:00 [Zakim]
+1.650.595.aaff is being disconnected
16:23:02 [Zakim]
- +1.650.595.aaff
16:23:05 [kulick]
rigo: cant do before june 26
16:23:18 [kulick]
schunter: assigning to shane, then
16:24:03 [kulick]
npdoty: this is for action item 203
16:24:11 [kulick]
schunter: correct, please update accordingly
16:24:17 [kulick]
npdoty: what is the work
16:24:32 [kulick]
schunter: spell out agreements and alternatives accordingly
16:24:41 [dsinger]
do we need to remember the 'acting as a service provider to a 3rd party with consent'?
16:24:45 [kulick]
... add a comment and push deadline by a week
16:24:46 [dsinger]
16:25:06 [Zakim]
+ +1.323.253.aagg
16:25:11 [dsinger]
16:25:27 [kulick]
singer: tech poss to say i am a site acting as a 3rd party with consent
16:25:34 [npdoty]
yes, thanks for clarifying for me
16:25:39 [kulick]
rigo:problem is you need prior aggrement
16:25:49 [kulick]
... auction works on post bid agreement
16:25:52 [kulick]
singer: okay
16:26:06 [kulick]
schunter: btw - i opened issue 200, which was closed
16:26:19 [kulick]
... in an old issue
16:26:26 [npdoty]
re-opened action-203, with notes
16:26:45 [kulick]
... should action 396 be associated with this issue
16:26:49 [kulick]
npdoty: yes
16:27:00 [kulick]
schunter: nick, can you report on the progress on this
16:27:29 [kulick]
npdoty: daivd put in text for transitive redirect case, but not server to server case
16:27:49 [kulick]
... C for consent, but need to add new qualifier key
16:27:54 [kulick]
<correct ?>
16:28:06 [npdoty]
16:28:12 [kulick]
schunter: david will add to the text
16:28:22 [npdoty]
use "C" for consent, and a new qualifier "t" for transferred
16:28:26 [kulick]
16:28:47 [kulick]
schunter: this closes 168 ?
16:28:48 [fielding]
why don't you just use a different TSV, like T
16:28:56 [npdoty]
16:28:57 [kulick]
siger: yes will cover the 2 cases
16:29:11 [schunter]
16:29:14 [schunter]
ack n
16:29:15 [npdoty]
16:29:17 [kulick]
<who is speaking>
16:29:49 [kulick]
no reason to respond with 'C'... <missed>... why not just create a new status of 't'
16:30:09 [kulick]
fielding: they may have consent, but also have trasferred consent
16:30:30 [kulick]
... you want them to be diff signals instead of adding 't' as a qualifier
16:30:37 [kulick]
npdoty: worksforme
16:30:46 [kulick]
... i'll update mailing list with that alt
16:30:56 [kulick]
schunter: anything else on the issues we wanted to discuss?
16:31:05 [kulick]
... moving on to where status is unclear
16:31:07 [rigo]
16:31:07 [trackbot]
ISSUE-153 -- What are the implications on software that changes requests but does not necessarily initiate them? -- pending review
16:31:07 [trackbot]
16:31:09 [kulick]
... issue 153
16:31:11 [npdoty]
I think fielding is right, that better handles distinguishing between the transferred case and the independently-having-user-granted-exception case
16:31:17 [npdoty]
open action-396
16:31:28 [kulick]
... there shouldnt be mods between UA and server
16:31:33 [kulick]
... i would close this issue
16:31:39 [kulick]
.... did i overlook something?
16:31:41 [schunter]
16:31:45 [fielding]
So, create a new TSV (perhaps "T") to indicate the the third party does not have consent directly from the user but does have transferred permission from the transitive permission.
16:31:46 [schunter]
16:31:49 [kulick]
... issue 153
16:31:58 [npdoty]
action-396: provide an update, as suggested by Fielding, to use a different tracking status value
16:31:58 [trackbot]
Notes added to ACTION-396 Provide pending review text for signal of transferred/redirected exception (issue 168).
16:32:14 [kulick]
which one?
16:32:36 [kulick]
rigo: related to open action ???
16:32:49 [kulick]
npdoty: it is in pending review as of October
16:32:51 [npdoty]
16:33:07 [kulick]
... jonathan has proposed text
16:33:14 [kulick]
... but there are other alts
16:33:20 [kulick]
... <missed>
16:33:50 [npdoty]
with David Singer, I suggested that we add a requirement that any software that modifies also follow the consent requirements as defined in Section 3
16:33:57 [fielding]
I think this is tied up with the compliance issue?
16:34:00 [Chapell]
16:34:00 [kulick]
rigo: as soon as alt nick mentioned is in the spec we can close the issue
16:34:05 [Chapell]
agree with roy
16:34:13 [Chapell]
there is a key dependency here
16:34:16 [kulick]
schunter: need a volunteer
16:34:22 [npdoty]
16:34:29 [kulick]
rigo: add to 285? and open with new due date ?
16:34:35 [Chapell]
assuming that the group finds consensus re: the de-identification proposal
16:34:40 [schunter]
16:34:44 [npdoty]
ack Chapell
16:35:15 [dsinger]
I added Nick's text to the notes of the action.
16:35:18 [kulick]
chapell: no opinion on this lang so long as group has some info on de-id... however it that doesnt move forward, we need more on this
16:35:28 [justin]
I think it's tied up with *other* compliance issues than deidentification . . .
16:35:33 [kulick]
<think I messed up alan's comments>
16:35:45 [justin]
But still tied up with other ongoing issues.
16:35:48 [npdoty]
my proposal with dsinger was a MUST, rather than a best practice, but Jonathan proposed this alternative
16:35:52 [Chapell]
+1 to justin
16:36:06 [npdoty]
I agree, I don't see the particular connection to de-identification, except for deidentification being an important issue
16:36:16 [kulick]
chapell: not sure what this adds
16:36:56 [kulick]
... de-id is a recognition that there would be invalid DNT signals... we dont know if we can distinguish btw them and that would be built into the sighanl
16:37:04 [kulick]
...dwhat does it add
16:37:19 [kulick]
rigo: the scenario is related to a transparent proxy
16:37:20 [Zakim]
- +1.323.253.aagg
16:37:33 [kulick]
... this is a clear req that software can circumvent
16:37:49 [kulick]
... what are valid toekns
16:38:04 [kulick]
... <missed>
16:38:27 [kulick]
... need to send a header that you are dismissing if you believe invalid
16:38:38 [aleecia]
aleecia has joined #dnt
16:38:47 [kulick]
chapell: why is this a must if called as a best practice
16:38:52 [dsinger]
…and we add to that the consent requirements must be held to
16:38:57 [kulick]
schunter: should be a must if y7ou modify
16:39:04 [kulick]
... another use case
16:39:05 [npdoty]
my proposal from last July:
16:39:09 [Zakim]
+ +1.650.723.aahh
16:39:15 [npdoty]
"> Software outside of the user agent that causes a DNT header to be sent (or modifies existing headers) MUST NOT do so without following the requirements of this section; such software is responsible for assuring the expressed preference reflects the user's intent."
16:39:29 [aleecia]
zakim, aahh is aleecia
16:39:29 [Zakim]
+aleecia; got it
16:39:45 [kulick]
... any intermediatary needs to make sure if support user choice the same as broswer <right?>
16:39:53 [kulick]
chapell: i would move to make must
16:40:05 [npdoty]
Chapell, you can see my "MUST" proposal in IRC above, or in link above
16:40:10 [kulick]
singer: it must follow reqs for setting DNT header
16:40:37 [kulick]
schunter: can it delegate to extension
16:40:57 [kulick]
... as a whole it should happen, some could be by UA and some by extensions
16:41:00 [justin]
Whatever we decide here, it needs to be mapped to whatever we decide on UA requirements in Compliance:
16:41:07 [kulick]
... end product must satisfy reqs
16:41:14 [npdoty]
I proposed text in July 2012, pasted above
16:41:17 [kulick]
chapell to provide requirements
16:41:33 [kulick]
chapell: singer's lang better
16:41:48 [kulick]
schunter: nick, p[ls mod existing action and assign to alan?
16:41:52 [kulick]
npdoty: yes
16:42:01 [kulick]
schunter: thx
16:42:15 [aleecia]
listen only mode
16:42:20 [kulick]
... welcome aleecia
16:42:25 [aleecia]
(Zakim dropped me multiple times this morning already)
16:42:25 [kulick]
... issue 195
16:42:33 [npdoty]
action: chapell to propose new text regarding other software (perhaps building off of npdoty, dsinger)
16:42:33 [trackbot]
Created ACTION-414 - Propose new text regarding other software (perhaps building off of npdoty, dsinger) [on Alan Chapell - due 2013-06-12].
16:42:34 [kulick]
... proposal from ronan
16:42:38 [kulick]
... handling OOB consent
16:42:42 [npdoty]
action-414: issue-153
16:42:42 [trackbot]
Notes added to ACTION-414 Propose new text regarding other software (perhaps building off of npdoty, dsinger).
16:42:47 [kulick]
... 'p' potential consent
16:42:56 [kulick]
... accpt, reject, oither?
16:43:08 [kulick]
... not clear if people are convinced
16:43:19 [kulick]
singer: leaky hole
16:43:20 [aleecia]
I'm 408
16:43:21 [rigo]
agrees with dsinger that this is a leaky hole
16:43:34 [aleecia]
Or rather, was, until joining via work phone
16:43:36 [kulick]
... dont think any users will do this... it seems dangerous
16:43:39 [hefferjr]
16:43:49 [kulick]
schunter: site needs more than 2 secs to get consent
16:43:50 [npdoty]
16:43:51 [rigo]
16:44:00 [kulick]
... so w/o delaying we need another way
16:44:21 [kulick]
singer: user should be able to find from control link
16:44:27 [kulick]
schunter: I would support this lang
16:44:37 [hefferjr]
the information does not necessarily exist at that point in time (as discussed previously)
16:44:42 [npdoty]
16:44:43 [kulick]
... we should not go into details of timing for retrieval
16:44:52 [kulick]
singer: yea
16:45:05 [schunter]
16:45:11 [kulick]
schunter: at control link user can retrienve this but no speak to timing
16:45:12 [schunter]
ack r
16:45:16 [schunter]
ack he
16:45:18 [npdoty]
q+ rigo
16:45:23 [kulick]
ronan: did discuss timing
16:45:25 [justin]
Where is this language?
16:45:29 [kulick]
... 24-48 hrs?
16:45:40 [npdoty]
16:45:42 [kulick]
... data may not be collected in time
16:45:53 [rigo]
16:45:56 [kulick]
schunter: exact hours creates debate
16:46:16 [aleecia]
(this sounds exactly like what a SHOULD is for)
16:46:24 [kulick]
.... therefore we should leave it out and explain why you need more time at the link
16:46:25 [dsinger]
….I fear that any 'come-back-later' is a gaping hole that the nefarious will drive trucks of bad behavior through
16:46:33 [justin]
I had proposed two amendments: can't be used for personalization and can't subsequently reject consent as invalid. I don't think those are adequately reflected in that text.
16:46:34 [rigo]
16:46:47 [kulick]
singer: i dont think it is a gapping hole
16:46:52 [fielding]
There was a question about short term data retention permission being sufficient to make this TSV no longer needed. Did we confirm that or not?
16:46:55 [kulick]
... bad sites will abuse this
16:47:09 [npdoty]
justin, if you can remind us with a text proposal, that would be great
16:47:10 [schunter]
16:47:13 [schunter]
ack np
16:47:17 [fielding]
16:47:19 [kulick]
coorrect: singer: I think IS a gapping hole
16:47:42 [kulick]
npdoty: understand the concern, would be bad if 'p' was over used
16:47:42 [justin]
I can take an action to update this. hefferjr had agreed in concept with the amendments, but not sure it was ever put into text.
16:47:50 [kulick]
... meant for exceptional cases
16:48:01 [hefferjr]
16:48:17 [kulick]
... we could update to say "in this exceptional case..." and see if over used and come back to this
16:48:17 [schunter]
16:48:21 [schunter]
ack ri
16:48:53 [kulick]
rigo: service could send 'p' to evybody
16:49:04 [kulick]
... and then say we find out later who we have for
16:49:06 [npdoty]
yes, rigo is right, the "P" would be used by any such service in all of its responses
16:49:14 [schunter]
16:49:17 [schunter]
I disagree.
16:49:19 [kulick]
... brtowser is unable to determine if data collection is propotionate
16:49:41 [npdoty]
action: brookman to provide text proposal regarding limitations on using a Potential Consent signal
16:49:41 [trackbot]
Created ACTION-415 - Provide text proposal regarding limitations on using a Potential Consent signal [on Justin Brookman - due 2013-06-12].
16:49:50 [kulick]
... <gist is will be abused>
16:49:58 [schunter]
The "P" does not give any extra permissions. It just is a relaxation of the information requirement.
16:50:16 [kulick]
... "p" opens too much
16:50:19 [npdoty]
rigo: "P" signal would be sent for everyone
16:50:27 [kulick]
schunter: our understanding might be diff then
16:50:39 [kulick]
... "p" doesnt give extra perms
16:50:52 [kulick]
... it just says i cannot tell you at this point
16:51:01 [kulick]
... it doesnt allow you to do anything with the data
16:51:10 [kulick]
... you must be on safe side
16:51:21 [dsinger]
I really fear 'P' is an invitation for sites to be lazy. If it's any amount of work to do the check that 'C' requires to work at the control link, sites will say 'P' to everyone all the time.
16:51:38 [npdoty]
I think schunter is right that this does not create a new permitted use or new retention possibility, it's just a different signal back to the user
16:51:39 [dsinger]
The *is* a short-term storage permitted use already.
16:51:41 [kulick]
... doesnt give extra perms, but delays cheking for consent
16:51:53 [dsinger]
s/The *is*/There *is*/
16:52:22 [kulick]
... alt discussed is just declare '1' or '3'. as '3' you still have perms to say if I have consent to use the data
16:52:40 [schunter]
16:52:41 [kulick]
... if find out that I can consent then I can keep your data
16:52:44 [schunter]
ack fi
16:52:54 [kulick]
fielding: same point as schunter
16:52:59 [kulick]
... other alt
16:53:35 [aleecia]
DNT fails.
16:53:45 [kulick]
... to the dangerous loophole concern:
16:54:09 [kulick]
no danger implied by holding danger for time to identify consent, here we are making it more explicit
16:54:15 [schunter]
16:54:21 [kulick]
... danger notion doesnt match
16:54:34 [npdoty]
I think the danger might be that signals will stop losing their meaning if "P" is always returned and the user never knows if they are being tracked with consent
16:54:38 [schunter]
ack r
16:54:39 [kulick]
schunter: if add under '3', people dont understand if stored long term
16:54:41 [schunter]
ack h
16:54:43 [dsinger]
…agree with Roy that the short-term raw data retention is there and OK. The question is whether the use will know whether there is retention and tracking beyond that. P makes it effectively impossible for the user to know, and it's too attractive for sites to say P all the time.
16:54:45 [kulick]
ronan: echo matthias
16:54:56 [kulick]
... no permited use... it is permitted retention
16:55:07 [kulick]
... text also has should determine in real time
16:55:27 [kulick]
... 'p' prtovides more transparency
16:55:34 [dsinger]
16:55:36 [dsinger]
16:55:40 [kulick]
... '3' works but is less transparent to users
16:55:47 [kulick]
singer: i dont agree
16:55:49 [fielding]
dsinger, but that is still better than receiving 3 (and actually keeping data if there is consent) or not being able to send any response because we forbid these systems from complying with DNT
16:55:56 [npdoty]
ack dsin
16:56:08 [rigo]
Roy, I think you assume that the browser is not reacting while I assume that the browser reacts, thus my different opinion. Under your assumption, Roy, I would agree with you...
16:56:15 [hefferjr]
16:56:28 [kulick]
... alot of sites will read this as i dont need to create ctonrol link <?>
16:56:41 [justin]
This only applies to market research companies, not OBA companies (assuming my amendment goes through).
16:56:43 [kulick]
... 3 times to check for consent
16:56:56 [kulick]
... 1. as user interaction
16:57:07 [kulick]
... 2. user visits control link
16:57:16 [kulick]
... you hav minutes at this point
16:57:21 [npdoty]
justin, but users have an interest in knowing what's going on whether the business practice is OBA or market research, yeah?
16:57:30 [kulick]
... 3. 24-48 hours later after data agg
16:57:48 [schunter]
Suggested way forward: "say that the control link provides information "as soon as technically possible"" and try to add the extensions of Justin
16:57:55 [kulick]
... okay with 1 and 2, but feel 3 is too big a hole
16:58:07 [kulick]
schunter: control link should provide as technically possible
16:58:20 [fielding]
justin, yes -- I am assuming this excludes personalization
16:58:21 [justin]
npdoty, Yes, I have concerns either way. I don't love this rule, just trying to make it as palatable as possible.
16:58:23 [kulick]
singer: but you cannot find out sometimes
16:58:43 [kulick]
... need to say that control link will tell you whether you have consent or not
16:58:58 [npdoty]
fielding, justin, as this doesn't add new permitted uses, I think it necessarily excludes using the data for personalization before consent is determined
16:59:00 [kulick]
schunter: justin mention some reaonable constraints
16:59:20 [kulick]
... i suggest moving forward with control link text w/o time
16:59:23 [npdoty]
16:59:23 [trackbot]
ACTION-414 -- Alan Chapell to propose new text regarding other software (perhaps building off of npdoty, dsinger) -- due 2013-06-12 -- OPEN
16:59:23 [trackbot]
16:59:31 [justin]
singer, I have an action to provide text, will circulate to list.
16:59:33 [npdoty]
16:59:33 [trackbot]
ACTION-415 -- Justin Brookman to provide text proposal regarding limitations on using a Potential Consent signal -- due 2013-06-12 -- OPEN
16:59:33 [trackbot]
16:59:40 [rigo]
16:59:45 [kulick]
... then wew ill review revised text
16:59:54 [npdoty]
action-415: dsinger can add this new text to the spec, and allow group review
16:59:54 [trackbot]
Notes added to ACTION-415 Provide text proposal regarding limitations on using a Potential Consent signal.
17:00:00 [kulick]
... should add explict that 'p' does not provide usage of the data
17:00:02 [schunter]
17:00:05 [schunter]
ack h
17:00:09 [dsinger]
17:00:09 [trackbot]
ACTION-415 -- Justin Brookman to provide text proposal regarding limitations on using a Potential Consent signal -- due 2013-06-12 -- OPEN
17:00:09 [trackbot]
17:00:13 [kulick]
ronan: find with no time
17:00:23 [kulick]
... still gives us 72 hours
17:00:37 [justin]
npdoty, You might be right about that. Still want to make clear that you can't reject DNT:1 signal later.
17:00:49 [kulick]
... how about outer bound
17:01:34 [kulick]
schunter: outer bound means you have to delete data if regardless if you know if you have consent or not
17:01:53 [kulick]
ronan: outer bound is privacy enhancing
17:02:13 [schunter]
17:02:14 [rigo]
17:02:16 [schunter]
ack ri
17:02:16 [npdoty]
is the outer bound implied as an outer bound for retention? or outer bound for returning a signal back to the user?
17:02:25 [kulick]
rigo: 1 question, 1 remark
17:02:38 [kulick]
... when have 72 hours outer bound... should say up to 72 hours
17:02:42 [kulick]
... question
17:02:56 [kulick]
... roy's remark made me rethink my pos
17:03:08 [kulick]
... do browser intend to have reaction on response
17:03:12 [schunter]
The outer bound for retention is the maximum time you may need to determine consent. If you need longer, you may be forced to answer "I was unable to find out whether I had consent from you in a timely fashion, therefore I did not keep your data."
17:03:19 [Zakim]
17:03:38 [kulick]
<missed.... sorry rigo, you are hard to scribe>
17:03:57 [aleecia]
Rigo - there is more to life than browsers
17:03:59 [npdoty]
I don't think there is any scenario where after an amount of time a service will have a definite answer on consent because it's always possible that for new requests the consent may have received in the meantime
17:04:01 [npdoty]
17:04:08 [Zakim]
17:04:13 [kulick]
npdoty: 1 concern
17:04:19 [WileyS]
As with other items, I believe we should avoid arbitrary timeframes in normative text but could offer thoughts in non-normative
17:04:58 [kulick]
schunter: wait and look at text then move forward
17:05:02 [rigo]
NP: if p would be predominant the browser couldn't inform the user anymore in time
17:05:19 [fielding]
well, the sender of P still needs to obtain that consent -- I have a hard time understanding what the problem would be that browsers can't mess up the UI.
17:05:35 [kulick]
npdoty: david to work with ronan
17:06:00 [kulick]
schunter: 137
17:06:06 [kulick]
... in david's hands
17:06:12 [kulick]
... <what number>
17:06:15 [npdoty]
action: singer to review potential consent proposal (including updates from justin), may provide alternative regarding control link
17:06:15 [trackbot]
Created ACTION-416 - Review potential consent proposal (including updates from justin), may provide alternative regarding control link [on David Singer - due 2013-06-12].
17:06:21 [dsinger]
17:06:27 [kulick]
... 416
17:06:30 [npdoty]
17:06:31 [trackbot]
ISSUE-151 -- User Agent Requirement: Be able to handle an exception request -- open
17:06:31 [trackbot]
17:06:37 [kulick]
... on 151...
17:06:39 [rigo]
RW: only concerned if the browser reacts on DNT signals by e.g. sending less chatter or personal data, then p is dangerous as it mainly requires the browser to open up as a reaction. So the browser would have to block things in p as the state is unclear
17:06:52 [kulick]
... not a must, but a should... some say it doesnt matter
17:06:56 [npdoty]
17:06:59 [schunter]
17:07:06 [schunter]
ack n
17:07:10 [rigo]
17:07:16 [fielding]
rigo, no more than it would have to do so for sites that don't support DNT at all.
17:07:22 [kulick]
npdoty: the must req is just having a section in the spec
17:07:36 [dsinger]
17:07:40 [kulick]
... do we have alt text for proposal
17:07:41 [Chapell]
17:07:43 [npdoty]
q- ...
17:07:45 [npdoty]
q- in
17:07:47 [rigo]
fielding: right, but then P won't by Ronan anything anyway
17:07:58 [rigo]
q- later
17:07:59 [schunter]
17:08:07 [schunter]
ack da
17:08:08 [kulick]
schunter: do we need alt text?
17:08:26 [npdoty]
ack dsing
17:08:34 [kulick]
singer: spoke about this in camb
17:08:38 [eberkower]
eberkower has joined #dnt
17:08:45 [kulick]
... would be redundant to add
17:09:08 [kulick]
... want to see must inserted to avoiud abuse
17:09:08 [schunter]
17:09:15 [fielding]
well, that effectively means we should remove UGE from the spec.
17:09:15 [schunter]
ack C
17:09:19 [npdoty]
might have missed that last point, dsinger -- you want to add an explicit "MUST" here
17:09:28 [kulick]
chapell: how is this significanntly diff from discussion 30 mins ago
17:09:35 [npdoty]
... or you want to *not* say "MUST"?
17:09:37 [kulick]
... software altering/sending signal
17:09:42 [kulick]
... why is this diff?
17:09:42 [npdoty]
17:09:42 [trackbot]
ACTION-151 -- JC Cannon to write up personalization-without-tracking on loggedinness (with David and Shane) -- due 2012-03-28 -- CLOSED
17:09:42 [trackbot]
17:09:45 [npdoty]
17:09:46 [trackbot]
ISSUE-151 -- User Agent Requirement: Be able to handle an exception request -- open
17:09:46 [trackbot]
17:09:55 [fielding]
17:10:00 [kulick]
... isnt this just an exaqmple of software changing signal
17:10:18 [kulick]
npdoty: this is related to browser, not UA
17:10:27 [npdoty]
s/not UA//
17:10:34 [kulick]
schunter: all UA must have exception APIs
17:10:42 [dsinger]
the other practical point is that there is no functional difference between a UA that doesn't implement and a UA that always says 'no'.
17:10:43 [schunter]
17:10:49 [schunter]
ack rig
17:11:00 [dsinger]
I am completely opposed to a MUST
17:11:00 [kulick]
... convergin to a must
17:11:06 [adrianba]
does the spec say that the api is optional?
17:11:33 [npdoty]
the current text in the spec does not include a MUST or indication that it's optional
17:11:35 [fielding]
17:11:36 [kulick]
singer: if will be abuse, i am against must
17:11:48 [kulick]
chapell: not sure how we address that
17:12:07 [npdoty]
singer: if sites will use this as a reason to ignore the user's signal, then I am against adding a MUST
17:12:13 [kulick]
rigo: biggest dang for DNT are people not here just imp to spawn dnt headers
17:12:20 [kulick]
... kills our ecosystem
17:12:33 [Chapell]
WileyS may want to weigh in on this
17:12:46 [kulick]
... my aim was to protect the eco system
17:12:56 [dsinger]
Also, we heard in Cambridge that sites would make no practical difference to the users, whether DNT is set or not; under those circumstances, why would sites ask, and why would users grant, an exception?
17:13:00 [kulick]
... by those investing and have exception, you cannot ignore them
17:13:11 [kulick]
... and claim compliance
17:13:40 [dsinger]
The issue of equipment/software that randomly injects DNT signals is real, and will exist whether or not we write this into the spec. We need a serious discussion on how to handle this.
17:13:40 [adrianba]
in the end everything is optional for implementers but unless the spec says the feature is optional you can't claim to comply with 100% of the requirements in the spec if you do not implement all the non-optional pieces
17:13:54 [kulick]
... if other better way to exclude bad routers and killers of ecosystem, i can drop issue ???101???
17:14:06 [kulick]
singer: i dont have intermediate evildoer problem
17:14:17 [npdoty]
rigo, I think our text responses to issue-153 are likely to prohibit the invalid spawning of signals without user consent; adding an additional emphasis that the JavaScript API must be implemented may not help us
17:14:18 [Chapell]
I propose we table this discussion
17:14:22 [kulick]
... needs seriously discussion... must in text doesnt matter
17:14:37 [npdoty]
17:14:52 [fielding]
17:15:05 [npdoty]
I believe we have already rejected the idea of orphaning legacy agents by changing DNT: 1 to a different value later
17:15:07 [kulick]
... changing from dnt:1 to dnt:something might be good idea
17:15:14 [kulick]
<not scribing jokes>
17:15:37 [kulick]
... suggest not tying with extra musts
17:15:51 [Chapell]
+1 to Roy
17:15:59 [kulick]
<missed roy's>
17:16:06 [adrianba]
writing MUST in spec doesn't change if it gets implemented
17:16:13 [rigo]
IMHO this is why I raised the issue, so we have to ponder and noodle on it
17:16:15 [kulick]
fielding: sites have to imp OOB consent mech
17:16:27 [justin]
Two browsers have said they don't want it, and I know other advocates (and Ed Felten) have expressed concerns about putting a MUST in here. Not sure there is consensus.
17:16:30 [npdoty]
dsinger: adrian has indicated that he is working on implementing it; other companies are unable to comment
17:16:57 [kulick]
... only reason to justify in the spec and this everyone <missed> ... if in spec should be must, if not remove from spec altogher
17:17:04 [npdoty]
we could mark it as risk, but I agree with adrian that adding more MUSTs doesn't seem to make it *more* likely to be implemented
17:17:13 [rigo]
17:17:18 [fielding]
17:17:32 [kulick]
singer: if adding musts on UA, we need more musts on sites
17:17:49 [fielding]
MUST implement the WKL is a huge requirement on sites
17:17:56 [kulick]
schunter: i believe sites already have quite a few musts
17:18:05 [rigo]
17:18:06 [kulick]
... how to move forward
17:18:17 [kulick]
... must or not must... that is the question
17:18:18 [justin]
Chair's decision seems to be right approach here.
17:18:18 [schunter]
17:18:24 [npdoty]
we can postpone this discussion, I was just asking whether we need alternatives from the current text
17:18:25 [npdoty]
17:18:30 [dsinger]
yes, I am saying that
17:18:34 [kulick]
rigo: compromise?
17:18:35 [rigo]
ack rig
17:18:38 [schunter]
"to MUST or not to MUST" ;-)
17:19:01 [fielding]
we could make it conditional : sites that block on the basis of TSV responses MUST implement the UGE?
17:19:13 [fielding]
17:19:43 [schunter]
Way forward: "SHOULD" and wait for last call
17:19:45 [kulick]
... if leave open in lastr call and have in cr exit criteria, then make exception api a should and how it works how bad the ambient header noise is
17:19:55 [kulick]
singer: seeing experience is good
17:20:07 [kulick]
schunter: add as should and evaluate at last call
17:20:08 [fielding]
SHOULD is fine
17:20:21 [Chapell]
I'm not sure we have the right folks on the call --- we should leave open for now
17:20:36 [kulick]
rigo: SHOULD now
17:20:43 [npdoty]
we would mark it in the ISSUE, and then include text in our last call/cr announcements
17:20:48 [dsinger]
we should insert the 'UAs should implement the exception API" and we add a NOTE saying "under consideration, for last call, to be a MUST"
17:21:05 [Chapell]
If memory serves, WileyS had a strong opinion on this issue - and he is not on the call
17:21:16 [schunter]
17:21:17 [kulick]
... and issue 151, resolved or postponed with comment we have this resolution we want to test and if need be, this can become a MUST
17:21:19 [npdoty]
Chapell, I don't think we're closing the issue right now (matthias would send around email about it), just a possible way forward
17:21:23 [npdoty]
Zakim, who is making noise?
17:21:29 [rigo]
zakim, who is making noise?
17:21:31 [npdoty]
Zakim, drop hefferjr
17:21:31 [Zakim]
hefferjr is being disconnected
17:21:32 [Zakim]
17:21:35 [Zakim]
npdoty, listening for 10 seconds I heard sound from the following: schunter (51%)
17:21:41 [schunter]
17:21:48 [Zakim]
rigo, listening for 12 seconds I heard sound from the following: schunter (54%)
17:21:58 [Chapell]
npdoty sounds good. thanks
17:21:59 [kulick]
schunter: we have a way forward... action in singer to add a should
17:22:05 [kulick]
17:22:13 [hefferjr]
sorry about that, this technology is beyond me
17:22:29 [npdoty]
action: singer to provide proposal regarding SHOULD and last call / CR notes regarding implementing exceptions API
17:22:29 [trackbot]
Created ACTION-417 - Provide proposal regarding SHOULD and last call / CR notes regarding implementing exceptions API [on David Singer - due 2013-06-12].
17:22:32 [kulick]
rigo: progress. yah
17:22:39 [npdoty]
action-417 due 06-19
17:22:39 [trackbot]
Set ACTION-417 Provide proposal regarding SHOULD and last call / CR notes regarding implementing exceptions API due date to 06-19.
17:22:41 [kulick]
schunter: issue 164
17:22:45 [npdoty]
17:22:46 [trackbot]
ISSUE-164 -- To what extent should the "same-party" attribute of tracking status resource be required -- open
17:22:46 [trackbot]
17:22:54 [kulick]
... 3 alts
17:23:02 [kulick]
... 1. completely optional
17:23:12 [kulick]
... 2. mulitple domains should declare
17:23:27 [kulick]
3. UA may assume you are diff parties if you dont declare
17:23:38 [kulick]
... 3. UA may assume you are diff parties if you dont declare
17:23:42 [schunter]
17:23:46 [kulick]
... my fav is 3
17:23:48 [rigo]
my suggested text:
17:23:53 [npdoty]
do we have text proposals for the alternatives?
17:24:02 [moneill2]
+1 for C
17:24:21 [rigo]
npdoty, see end of my email
17:24:22 [kulick]
... any other points
17:24:29 [fielding]
I said above (missed) that sites already have to implement OOB consent. The premise for having UGE in the spec is that sites will eventually be able to use it when all browsers implement UGE -- otherwise, sites have to keep using OOB consent forever. That is why the spec needs to require implementation of UGE, or remove the functionality from the spec because it is redundant.
17:24:48 [dsinger]
yes, UAs may question why you claim '1' status when you appear unrelated to the first party
17:25:14 [kulick]
... unless objection... option C (3 in scribe notes... doh!)
17:25:21 [rigo]
schunter: accept that text and put in the spec:
17:25:33 [fielding]
okay, not sure I am happy with exact wording
17:25:44 [schunter]
we can fine-tune the wording.
17:26:06 [npdoty]
I think rigo is proposing no new requirements, but the recommendation, with Roy clarifying wording
17:26:10 [kulick]
schunter: actio to Roy to put in spec
17:26:36 [kulick]
... 1 more item
17:26:36 [rigo]
npdoty, yep no new requirements, just non-normtive text
17:26:43 [kulick]
... issue 161
17:26:46 [dsinger]
17:26:46 [trackbot]
ISSUE-161 -- Do we need a tracking status value for partial compliance or rejecting DNT? -- pending review
17:26:46 [trackbot]
17:26:52 [Zakim]
17:26:57 [npdoty]
action: fielding to add text to spec regarding conditions where it would be useful to indicate same-party member
17:26:57 [trackbot]
Created ACTION-418 - Add text to spec regarding conditions where it would be useful to indicate same-party member [on Roy Fielding - due 2013-06-12].
17:27:26 [rigo]
17:27:27 [kulick]
... jonathan is okay with '!' but has concerns with 'd'
17:27:41 [kulick]
... '!' is accepted
17:27:45 [npdoty]
action-418: can work off of, but Rigo certainly accepts any improvements in language
17:27:45 [trackbot]
Notes added to ACTION-418 Add text to spec regarding conditions where it would be useful to indicate same-party member.
17:28:00 [kulick]
... 'D' means i disregard your signal
17:28:04 [dsinger]
The point is that IF they are going to disregard you, at least tell the user
17:28:06 [rigo]
17:28:06 [Zakim]
17:28:08 [schunter]
17:28:13 [schunter]
ack rigo
17:29:02 [npdoty]
q+ to ask indeterminate or non-compliant
17:29:04 [kulick]
singer: concern is more suttle... disregard is compliant... need add to text that compliance is indetermine in this case
17:29:11 [kulick]
... if 'D' at least tell why
17:29:33 [kulick]
rigo: from legal, '!' and 'D' is the same
17:30:03 [dsinger]
so, I want to add to 5.2.8 "The compliance of the Disregard signal is indeterminate; it may be compliant or not compliant, depending on the reasons or circumstances."
17:30:31 [dsinger]
17:30:34 [dsinger]
17:30:35 [schunter]
+ explain why somewhere
17:30:40 [schunter]
ack np
17:30:40 [Zakim]
npdoty, you wanted to ask indeterminate or non-compliant
17:30:47 [kulick]
... i understand concern, but abuse would be highlighted soon
17:31:13 [kulick]
npdoty: i thot '!' doesnt mean compliance... <???missed>
17:31:23 [adrianba]
17:31:26 [Zakim]
17:31:33 [dsinger]
I also want a required "why" somewhere in the WKR
17:31:39 [schunter]
17:31:42 [schunter]
ack d
17:31:52 [kulick]
schunter: might need to postpone due to time.
17:31:59 [npdoty]
npdoty: I thought "!" indicated non-compliance and must not be used in compliance; we could do the same with "D", to say that it's never compatible with complying with a user's preference
17:32:07 [fielding]
17:32:10 [schunter]
ack ad
17:32:13 [kulick]
singer: want to see why is disregarded and user can act upon that
17:32:20 [kulick]
adrian: agreed with david
17:32:21 [npdoty]
dsinger, current text requires explanation in the privacy policy
17:33:01 [Zakim]
17:33:02 [kulick]
... i think signal should be 'D' disregard the signal b/c upon reason I dont think i should follow it b/c it is believe the source is not compliant or not readable
17:33:14 [rigo]
because I'm not able to honor, so +1 to adrianba
17:33:16 [Zakim]
17:33:18 [rigo]
17:33:28 [dsinger]
…maybe I am under a court order to keep complete records of my visitors because I did something bad in the past. Under those circumstances, I have to disregard you...
17:33:29 [kulick]
schunter: action item to update text?
17:33:32 [schunter]
ack fi
17:33:33 [Zakim]
17:33:36 [kulick]
speaker? fielding?
17:33:40 [schunter]
17:33:41 [schunter]
17:34:21 [schunter]
"D should be used in exceptional cases and policy should explain when it is used"
17:34:26 [kulick]
fielding: should add info as to non-compliance in policy
17:34:32 [kulick]
... i dont want in spearate field
17:34:51 [dsinger]
totally fine if the policy has to explain when 'D' may be used. As long as we require the explanation somewhere, that's fine.
17:35:12 [npdoty]
might be hard to get agreement on "in exceptional cases" if implementers believe they will use it predominantly
17:35:12 [fielding]
17:35:30 [kulick]
schunter: 'D' in exceptional cases, but policy says why/when not respected
17:35:33 [fielding]
"An origin server that sends this tracking status value MUST detail within the server's corresponding privacy policy the conditions under which a tracking preference might be disregarded."
17:35:43 [npdoty]
dsinger, adrian, if you're happy with the existing text which requires "privacy policy", then we don't need a new action
17:35:47 [dsinger]
so, summary: (1) say it should be 'rarely' used; (2) say that the compliance is indeterminate; (3) say that the privacy policy must explain
17:35:53 [kulick]
... update text and see if jonathan's concern is mitigated
17:36:36 [kulick]
schunter: roy is taking action item
17:36:48 [npdoty]
action: fielding to update Disregard signal with conditions (rarely and indeterminate)
17:36:48 [trackbot]
Created ACTION-419 - Update Disregard signal with conditions (rarely and indeterminate) [on Roy Fielding - due 2013-06-12].
17:36:52 [kulick]
... for 1 and 2 of singer's comment above
17:37:08 [npdoty]
action-419: dsinger: so, summary: (1) say it should be 'rarely' used; (2) say that the compliance is indeterminate; (3) say that the privacy policy must explain
17:37:08 [trackbot]
Notes added to ACTION-419 Update Disregard signal with conditions (rarely and indeterminate).
17:37:11 [dsinger]
yes, Rigo, that's the point of 'rarely' used
17:37:31 [kulick]
rigo: concern is where you claim something you do not do
17:37:40 [kulick]
schunter: give rigo action for text
17:37:46 [Zakim]
17:37:58 [npdoty]
action: rigo to propose non-normative text on use of Disregard signal
17:37:58 [trackbot]
Created ACTION-420 - Propose non-normative text on use of Disregard signal [on Rigo Wenning - due 2013-06-12].
17:37:59 [kulick]
... 137 is big concern
17:38:02 [fielding]
actually, one problem with "rarely" is what that means: MSIE 10 will be disregarded whether it is rare or not
17:38:26 [kulick]
... bye
17:38:47 [Zakim]
17:38:49 [kulick]
<scribe needs to leave> bye
17:38:55 [npdoty]
thanks to kulick for scribing!
17:38:57 [kulick]
kulick has left #dnt
17:39:07 [Zakim]
17:39:08 [Zakim]
17:39:09 [Zakim]
17:39:11 [Zakim]
17:39:11 [Zakim]
17:39:13 [Zakim]
17:39:13 [Zakim]
17:39:14 [Zakim]
17:39:15 [Zakim]
17:39:17 [npdoty]
Zakim, list attendees
17:39:17 [Zakim]
As of this point the attendees have been eberkower, +1.202.347.aaaa, jackhobaugh, Fielding, moneill2, WaltMichel_Comcast, Rigo, [CDT], [Adobe], npdoty, +1.650.595.aabb, kulick,
17:39:20 [Zakim]
... Aleecia, schunter, adrianba, Peder_Magee, [DAA], [Microsoft], Yianni, David_MacMillan, chapell, +1.678.492.aacc, ninjamarnau, JeffWilson, hefferjr, +1.650.595.aadd,
17:39:20 [Zakim]
... +1.678.492.aaee, Brooks, dsinger, +1.650.595.aaff, +1.323.253.aagg, +1.650.723.aahh
17:39:20 [Zakim]
17:39:20 [Zakim]
17:39:25 [Zakim]
17:39:27 [Zakim]
T&S_Track(dnt)12:00PM has ended
17:39:27 [Zakim]
Attendees were eberkower, +1.202.347.aaaa, jackhobaugh, Fielding, moneill2, WaltMichel_Comcast, Rigo, [CDT], [Adobe], npdoty, +1.650.595.aabb, kulick, Aleecia, schunter, adrianba,
17:39:27 [Zakim]
... Peder_Magee, [DAA], [Microsoft], Yianni, David_MacMillan, chapell, +1.678.492.aacc, ninjamarnau, JeffWilson, hefferjr, +1.650.595.aadd, +1.678.492.aaee, Brooks, dsinger,
17:39:27 [Zakim]
... +1.650.595.aaff, +1.323.253.aagg, +1.650.723.aahh
17:39:30 [npdoty]
rrsagent, please draft the minutes
17:39:30 [RRSAgent]
I have made the request to generate npdoty
17:39:46 [npdoty]
rrsagent, make logs public
20:28:27 [schunter1]
schunter1 has joined #dnt