IRC log of dnt on 2014-06-11

Timestamps are in UTC.

15:44:36 [RRSAgent]
RRSAgent has joined #dnt
15:44:36 [RRSAgent]
logging to
15:44:38 [trackbot]
RRSAgent, make logs world
15:44:40 [trackbot]
Zakim, this will be TRACK
15:44:41 [Zakim]
ok, trackbot; I see T&S_Track(dnt)12:00PM scheduled to start in 16 minutes
15:44:41 [trackbot]
Meeting: Tracking Protection Working Group Teleconference
15:44:41 [trackbot]
Date: 11 June 2014
15:45:32 [wseltzer]
wseltzer has changed the topic to: Agenda, June 11:
15:45:39 [wseltzer]
zakim, clear agenda
15:45:40 [Zakim]
agenda cleared
15:46:01 [wseltzer]
agenda+ Service Providers
15:46:08 [wseltzer]
agenda+ Data Append and First Parties
15:46:15 [wseltzer]
agenda+ Context Separation*_
15:46:32 [wseltzer]
agenda+ Data Minimization
15:49:44 [Zakim]
T&S_Track(dnt)12:00PM has now started
15:49:51 [Zakim]
+ +1.646.654.aaaa
15:52:36 [JackHobaugh]
JackHobaugh has joined #dnt
15:56:34 [Zakim]
15:56:43 [wseltzer]
zakim, who is here?
15:56:45 [Zakim]
On the phone I see +1.646.654.aaaa, Wendy
15:56:45 [Zakim]
On IRC I see JackHobaugh, RRSAgent, rvaneijk, hober, Zakim, walter, trackbot, wseltzer
15:56:45 [Zakim]
15:56:45 [fielding]
fielding has joined #dnt
15:57:37 [Nielsen__Raymond_]
Nielsen__Raymond_ has joined #dnt
15:57:39 [JackHobaugh]
not yet - soon
15:57:57 [Nielsen__Raymond_]
Zakim, mute me please
15:57:58 [Zakim]
sorry, Nielsen__Raymond_, I do not know which phone connection belongs to you
15:58:22 [Nielsen__Raymond_]
15:58:28 [wseltzer]
zakim, aaaa is Nielsen__Raymond_
15:58:29 [Zakim]
+Nielsen__Raymond_; got it
15:58:35 [Nielsen__Raymond_]
15:58:52 [Chris_M]
Chris_M has joined #dnt
15:59:17 [Zakim]
15:59:25 [Zakim]
15:59:39 [Zakim]
15:59:44 [magee]
magee has joined #dnt
15:59:51 [Zakim]
15:59:58 [Chris_M]
just joined the phone call
16:00:11 [WaltMichel]
WaltMichel has joined #DNT
16:00:22 [Zakim]
16:00:22 [Chris_M]
big crowed today ;)
16:00:23 [amm]
amm has joined #dnt
16:00:28 [wseltzer]
zakim, ??p5 is Chris_M
16:00:29 [Zakim]
+Chris_M; got it
16:00:39 [sidstamm]
sidstamm has joined #dnt
16:00:45 [Zakim]
16:00:47 [Zakim]
16:00:57 [wseltzer]
zakim, who is on the call?
16:00:58 [Zakim]
On the phone I see Nielsen__Raymond_, Wendy, rvaneijk, Peder_Magee, Amy_Colando, Fielding, Chris_M, Jack_Hobaugh, Chris_Pedigo, WaltMichel
16:01:09 [loan]
loan has joined #dnt
16:01:18 [Zakim]
16:01:21 [Zakim]
16:01:30 [Richard_comScore]
Richard_comScore has joined #dnt
16:01:33 [moneill2]
moneill2 has joined #dnt
16:01:34 [Zakim]
16:01:47 [Zakim]
16:02:03 [vinay]
vinay has joined #dnt
16:02:04 [justin]
justin has joined #dnt
16:02:20 [Zakim]
16:02:28 [Zakim]
16:02:28 [Zakim]
16:02:38 [Alan]
Alan has joined #dnt
16:02:39 [ChrisPedigoOPA]
ChrisPedigoOPA has joined #dnt
16:02:49 [Zakim]
16:02:52 [justin]
zakim, who is on the phone?
16:02:53 [sidstamm]
apologies all, I'm en route and having phone/irc connection difficulties
16:02:53 [Zakim]
On the phone I see Nielsen__Raymond_, Wendy, rvaneijk, Peder_Magee, Amy_Colando, Fielding, Chris_M, Jack_Hobaugh, Chris_Pedigo, WaltMichel, RichardWeaver, Aleecia, vinay, kulick,
16:02:53 [Zakim]
... Chris_IAB, [CDT]
16:02:55 [Zakim]
16:03:03 [justin]
zakim, cdt has me
16:03:04 [Zakim]
+justin; got it
16:03:09 [moneill2]
zakim, [IPCaller] is me
16:03:10 [Zakim]
+moneill2; got it
16:03:27 [wseltzer]
zakim, Chris_IAB is really Alan_IAB
16:03:28 [Zakim]
+Alan_IAB; got it
16:03:47 [wseltzer]
zakim, who is here?
16:03:49 [Zakim]
On the phone I see Nielsen__Raymond_, Wendy, rvaneijk, Peder_Magee, Amy_Colando, Fielding, Chris_M, Jack_Hobaugh, Chris_Pedigo, WaltMichel, RichardWeaver, Aleecia, vinay, kulick,
16:03:49 [Zakim]
... Alan_IAB, [CDT], moneill2
16:03:49 [Zakim]
[CDT] has justin
16:03:49 [Zakim]
On IRC I see ChrisPedigoOPA, Alan, justin, vinay, moneill2, Richard_comScore, loan, sidstamm, amm, WaltMichel, magee, Chris_M, Nielsen__Raymond_, fielding, JackHobaugh, RRSAgent,
16:03:53 [Zakim]
... rvaneijk, hober, Zakim, walter, trackbot, wseltzer
16:03:53 [Zakim]
16:03:57 [justin]
scribenick: moneill2
16:04:19 [sidstamm]
+regrets sidstamm
16:04:28 [justin]
16:04:33 [Zakim]
16:04:44 [moneill2]
<justin>: last call ending next tuesday, WP29 has commented 6 issue
16:04:46 [WileyS]
WileyS has joined #dnt
16:04:53 [Zakim]
16:04:55 [Brooks]
Brooks has joined #dnt
16:05:24 [justin]
16:05:33 [moneill2]
justin, will come back with process how to deal with comments
16:05:39 [wseltzer]
zakim, take up agendum 1
16:05:39 [Zakim]
agendum 1. "Service Providers" taken up [from wseltzer]
16:05:50 [wseltzer]
16:05:50 [trackbot]
issue-206 -- Service Provider name and requirements -- open
16:05:50 [trackbot]
16:05:58 [wseltzer]
16:05:58 [trackbot]
issue-49 -- Third party as first party - is a third party that collects data on behalf of the first party treated the same way as the first party? -- pending review
16:05:58 [trackbot]
16:06:18 [kulick]
kulick has joined #dnt
16:06:23 [wseltzer]
s/justin, /justin: /
16:06:43 [moneill2]
justin, a service provider could act to conwey data between contexts?
16:07:16 [moneill2]
fielding, key is what party are they when data is used
16:08:06 [moneill2]
fielding, whether they are service provider does not change the situation.
16:08:19 [wseltzer]
s/justin, /justin: /
16:08:28 [wseltzer]
s/fielding, /fielding: /g
16:09:08 [moneill2]
justin, a service provider may be acting for hundreds of contractee
16:09:22 [wseltzer]
s/justin, /justin: /g
16:09:42 [moneill2]
justin, maybe best deal with the issue when we talk about 219
16:10:15 [kulick]
kulick has joined #dnt
16:11:02 [Zakim]
16:11:15 [Zakim]
16:11:20 [mecallahan]
mecallahan has joined #dnt
16:11:41 [justin]
16:11:44 [moneill2]
justin, no real movement on context separation
16:12:25 [moneill2]
justin, cfo next week on 219
16:12:51 [Zakim]
16:12:52 [matt]
matt has joined #dnt
16:12:54 [wseltzer]
16:12:54 [trackbot]
issue-219 -- Limitations on use in a 3rd party context of data collected in a 1st party context -- raised
16:12:54 [trackbot]
16:13:05 [moneill2]
justin, nobody has jumped on censuss proposal
16:13:23 [justin]
16:13:57 [moneill2]
justn, other issue is data append
16:13:58 [wseltzer]
zakim, take up agendum 2
16:13:58 [Zakim]
agendum 2. "Data Append and First Parties" taken up [from wseltzer]
16:13:59 [justin]
16:14:56 [moneill2]
jsutin, 5 proposals but only 2 main ones
16:15:31 [wseltzer]
16:15:44 [johnsimpson]
johnsimpson has joined #dnt
16:15:54 [vinay]
16:16:12 [justin]
ack vinay
16:17:03 [Zakim]
16:17:16 [kj]
kj has joined #dnt
16:17:40 [johnsimpson]
16:17:49 [justin]
16:18:37 [Zakim]
16:19:17 [ChrisPedigoOPA]
16:19:30 [justin]
ack chris
16:19:32 [moneill2]
justin, table 219 for time being, maybe we can reach a consensus
16:19:33 [wseltzer]
16:21:15 [wseltzer]
16:21:58 [justin]
zakim, who is on the phone?
16:21:59 [Zakim]
On the phone I see Nielsen__Raymond_, Wendy, rvaneijk, Peder_Magee, Fielding, Chris_M, Jack_Hobaugh, Chris_Pedigo, WaltMichel, RichardWeaver, Aleecia, vinay, kulick, Alan_IAB,
16:21:59 [Zakim]
... [CDT], moneill2, hefferjr, WileyS, Brooks, MECallahan, [Facebook], MattHayes, johnsimpson
16:21:59 [Zakim]
[CDT] has justin
16:22:34 [moneill2]
ChrisPedigoPA, data append far too broad for DNT. Data might have been collected with consent
16:22:34 [WileyS]
+1 to who is speaking - Data Append has nothing to do with cross-site data collection
16:23:21 [amm]
Allowing data append = loophole large enough to destroy the standard.
16:23:40 [moneill2]
johnsimpson, my proposal would stop third party would append to first party
16:23:44 [moneill2]
16:24:00 [Chris_M]
agree, data append seems out of scope for DNT
16:24:16 [WileyS]
If data append is sourced from data with user consent or public data - how could DNT logically apply?
16:24:31 [Chris_M]
+1 to WileyS, that's right
16:24:32 [fielding]
16:24:42 [justin]
ack mo
16:24:47 [Chris_M]
I feel like we are trying to boil the privacy ocean here...
16:25:05 [amm]
Data append is not with user consent
16:25:38 [amm]
I most assuredly not not consent to the price of my home and my address being appended to Amazon's data about me
16:25:39 [Chris_M]
you don't need consent for public data
16:25:46 [Chris_M]
how about City Hall data?
16:26:01 [wseltzer]
Chris_M, depends on the jurisdiction...
16:26:15 [justin]
ack fielding
16:26:22 [Chris_M]
wseltzer, US :)
16:26:29 [WileyS]
amm - that is a legal question - not one for this working group.
16:26:33 [amm]
If we are allowing user choice around tracking, perhaps we should allow users to make choices... Rather than be surprised.
16:26:50 [amm]
By no means
16:26:51 [rvaneijk]
@ChrisM, depending on what you do with public data, you may still need valid consent, even explicit consent depending on the use
16:26:51 [wseltzer]
Chris_M, we're on the *World* wide web :)
16:27:14 [amm]
We're not talking about what happens to non-DNT users, which is a legal issue
16:27:29 [fielding]
I suggest that Vinay's text is editorial, as is Mike's (though I prefer Vinay's text). Neither is about Data Append. John's proposal was about data append.
16:28:14 [justin]
16:28:20 [Chris_M]
wseltzer, I have always advocated for a JURISDICTIONAL approach to DNT compliance-- we need to respect laws in each jurisdiction; W3C should not aim to regulate over existing laws and codes IMHO
16:28:47 [moneill2]
justin, the real issue is data append
16:28:49 [wseltzer]
16:29:29 [rvaneijk]
@Chris_M, interoperability is an important aim IMHO.
16:30:28 [moneill2]
justin, cfo should be about data append
16:30:58 [amm]
Presumably DNT:1 means something more than "we follow the minimum as established by law," or there would be no diff between DNT:1 and DNT:0.
16:31:20 [moneill2]
wendy, one issue on data append under 170, and another under 219
16:31:25 [Zakim]
16:31:45 [Chris_M]
rvaneijk, in order to get global interoperability that doesn't step on some country's laws, that forces us to abstract to a common denominator that generally works in each jurisdiction (respects their laws/codes), but then probably does not go as far as the advocates want here.
16:31:49 [fielding]
16:31:49 [trackbot]
issue-219 -- Limitations on use in a 3rd party context of data collected in a 1st party context -- raised
16:31:49 [trackbot]
16:32:06 [fielding]
16:32:06 [trackbot]
issue-170 -- Definition of and what/whether limitations around data append and first parties -- open
16:32:06 [trackbot]
16:32:25 [Chris_M]
justin, not sure what you mean by "sneak around DNT" (please explain)
16:32:33 [WileyS]
amm - DNT speaks to cross-site data collection across different contexts. It doesn't speak to Data Append. That's an entirely different topic and its going to needlessly slow down this working group to try to address it here. I could imagine a host of different technical and policy elements specific to Data Append as an isolated topic.
16:32:37 [moneill2]
justin, no data append should be in 219
16:32:47 [amm]
There is nothing even remotely illegal about protecting user privacy for those who request it.
16:33:42 [moneill2]
justin, we need to make clear when DNT set no identifiers are shared
16:34:07 [Chris_M]
hmmm, still a bit confused by "sneak around" (sorry to be obtuse)
16:34:16 [WileyS]
moneill2 - identifiers are not "cross-site data collected across contexts"
16:34:28 [moneill2]
justin, will make it more clear on list
16:34:41 [amm]
DNT has fundamentally come to be about data sharing. Saying "no third party sharing unless we call it by a different name" is pretty goofy
16:34:55 [Zakim]
16:34:59 [amm]
Court house data is third party data
16:35:00 [johnsimpson]
16:35:01 [justin]
16:35:08 [justin]
q- wselt
16:35:31 [moneill2]
<wileys>, identifiers make cross-site collection possibl;e
16:35:34 [amm]
Without specifically allowing data append, it is out of what would be allowed
16:35:50 [moneill2]
justin, data minimisation
16:36:07 [wseltzer]
i|<wileys|Topic: Data Minimization
16:36:30 [wseltzer]
16:36:46 [WileyS]
We've already been through this - unique IDs are necessary for a host of permitted uses: security, financial reporting, & frequency capping.
16:37:35 [fielding]
16:37:35 [WileyS]
moneill2 - yes, and some cross-site data collection is permitted per the permitted uses
16:37:49 [justin]
ack fielding
16:38:04 [moneill2]
<fielding>, how upto date are thse proposals?
16:39:19 [moneill2]
fielding, why
16:40:05 [moneill2]
identifiers are what makes tracking possible, if DNT set dont use them
16:40:52 [moneill2]
fieldin, limitations on permitted uses fine, data minimisation wrong place
16:44:39 [justin]
16:45:28 [fielding]
I guess I would like to see arguments as to why the suggested changes improve Data Minimization, not random other topics in compliance.
16:45:33 [WileyS]
Many permitted uses fail without a persistent, unique, anonymous identifier.
16:47:19 [wseltzer]
16:47:33 [fielding]
16:47:33 [justin]
ack ws
16:49:28 [amm]
It's been a while. Did the idea of transparency go away?
16:50:04 [rvaneijk]
I would not be in favour of short-term use of identifiers or allow for non-persistent identifiers. Uniques is what matters.
16:50:12 [WileyS]
Probabilistic identifiers (digital fingerprints) are more often less persistent than deterministic identifiers
16:50:20 [WileyS]
We will use digital fingerprints for security purposes
16:50:25 [rvaneijk]
16:50:37 [WileyS]
We need every available tool to fight the bad guys
16:50:56 [justin]
ack fielding
16:51:16 [amm]
;-) to Wendy
16:52:36 [Chris_M]
browser "fingerprint" is ephemeral
16:52:49 [rvaneijk]
It is not just the profile that is the object of concern, the automatic decision is IMHO as well enabled by unique identifiers.
16:52:58 [fielding]
If you want to disallow certain identifiers, then just disallow them one at a time. Don't mix them all up under a bad definition.
16:53:07 [wseltzer]
16:53:18 [fielding]
If you want to stop client-side storage, say that.
16:53:31 [fielding]
If you want to stop browser fingerprinting, do that.
16:53:46 [amm]
Rob, I'm not following all of what you're suggesting (and perhaps should take offline) but what do you mean by automatic decision?
16:53:56 [justin]
ack ws
16:54:48 [moneill2]
wendy, are there place where we can be clear explaining the mechanism of tracking
16:55:12 [Chris_M]
yeah, I might agree with wseltzer here, we should probably focus on the practice, not the mechanism
16:55:27 [wseltzer]
wseltzer: trying to be technology-neutral in limiting "tracking" -- can we offer useful functional definitions, not mechanism of tracking/fingerprinting ?
16:55:41 [moneill2]
justin, lets iterate on this
16:55:42 [wseltzer]
16:56:12 [justin]
16:56:18 [Chris_M]
there will always be new tracking mechanisms, yeah?
16:56:26 [wseltzer]
rrsagent, draft minutes
16:56:26 [RRSAgent]
I have made the request to generate wseltzer
16:56:46 [amm]
Jonathan's hopes not withstanding, I don't see a way to do away with high entropy identifiers in DNT. Reasonable time limits (note necessarily hard coded) and transparency seem like the way to go IMHO
16:56:48 [wseltzer]
rrsagent, make logs public
16:57:02 [Zakim]
16:57:04 [amm]
Yes, I am basically agreeing with Shane but minus loopholes
16:57:07 [Zakim]
16:57:07 [Zakim]
16:57:07 [Zakim]
16:57:07 [Zakim]
16:57:08 [Zakim]
16:57:08 [Zakim]
16:57:09 [Zakim]
16:57:09 [Zakim]
16:57:10 [Zakim]
16:57:10 [Zakim]
16:57:10 [Zakim]
16:57:11 [Zakim]
16:57:17 [Zakim]
16:57:19 [Zakim]
16:57:21 [Zakim]
16:57:22 [Zakim]
16:57:23 [wseltzer]
s/justin, /justin: /G
16:57:24 [Zakim]
16:57:25 [kulick]
kulick has left #dnt
16:57:27 [Zakim]
16:57:35 [wseltzer]
s/johnsimpson, /johnsimpson: /G
16:57:39 [amm]
Ooooh, didn
16:57:44 [wseltzer]
s/wendy, /wendy: /
16:57:53 [wseltzer]
rrsagent, draft minutes
16:57:53 [RRSAgent]
I have made the request to generate wseltzer
16:57:58 [Zakim]
16:58:04 [amm]
Didn't know there is global replace, nice
16:58:13 [wseltzer]
s/justn,/justin: /
16:58:45 [wseltzer]
16:58:53 [wseltzer]
16:59:00 [wseltzer]
rrsagent, draft minutes
16:59:00 [RRSAgent]
I have made the request to generate wseltzer
16:59:31 [fielding]
justin, I just noticed that TCS does not forbid tracking when DNT:1. That should at the start, don't you think?
17:09:48 [Zakim]
17:09:49 [Zakim]
T&S_Track(dnt)12:00PM has ended
17:09:49 [Zakim]
Attendees were +1.646.654.aaaa, Wendy, rvaneijk, Nielsen__Raymond_, Peder_Magee, Amy_Colando, Fielding, Jack_Hobaugh, Chris_M, Chris_Pedigo, WaltMichel, RichardWeaver, Aleecia,
17:09:49 [Zakim]
... vinay, kulick, justin, moneill2, Alan_IAB, hefferjr, WileyS, Brooks, MECallahan, [Facebook], MattHayes, johnsimpson