15:56:22 <RRSAgent> RRSAgent has joined #dnt
15:56:22 <RRSAgent> logging to http://www.w3.org/2014/09/24-dnt-irc
15:56:24 <trackbot> RRSAgent, make logs world
15:56:24 <Zakim> Zakim has joined #dnt
15:56:26 <trackbot> Zakim, this will be TRACK
15:56:26 <Zakim> ok, trackbot; I see T&S_Track(dnt)12:00PM scheduled to start in 4 minutes
15:56:27 <trackbot> Meeting: Tracking Protection Working Group Teleconference
15:56:27 <trackbot> Date: 24 September 2014
15:56:42 <justin> justin has joined #dnt
15:57:27 <Zakim> T&S_Track(dnt)12:00PM has now started
15:57:34 <Zakim> +npdoty
15:59:08 <eberkower> eberkower has joined #dnt
15:59:08 <fielding> fielding has joined #dnt
16:00:24 <Zakim> +Fielding
16:00:37 <Zakim> +RichardWeaver
16:00:46 <Richard_comScore> Richard_comScore has joined #dnt
16:01:07 <Zakim> +[FTC]
16:01:26 <Zakim> +justin
16:01:28 <npdoty> Zakim, who is making noise?
16:01:29 <justin> zakim, who is on the phone?
16:01:29 <Zakim> On the phone I see npdoty, Fielding, RichardWeaver, [FTC], justin
16:01:38 <Zakim> npdoty, listening for 10 seconds I heard sound from the following: [FTC] (34%)
16:02:20 <Zakim> +eberkower
16:02:28 <npdoty> regrets+ cargill, sidstamm
16:02:29 <eberkower> Zakim, please mute me
16:02:29 <Zakim> eberkower should now be muted
16:02:40 <justin> Let's give everyone 1-2 more minutes, then we'll go through the Last Call changes.
16:02:41 <dsinger> dsinger has joined #dnt
16:02:47 <Zakim> +ChrisPedigoOPA
16:02:49 <npdoty> agenda+ TPE Last Call comments
16:02:56 <npdoty> agenda+ "tracking" in compliance
16:03:04 <npdoty> agenda+ reminders
16:03:07 <npdoty> agenda+ aob
16:03:16 <ChrisPedigoOPA> ChrisPedigoOPA has joined #dnt
16:03:24 <Zakim> +[Apple]
16:03:25 <dsinger> zakim, [apple] has dsinger
16:03:25 <Zakim> +dsinger; got it
16:03:27 <npdoty> npdoty has changed the topic to: 24 Sept, agenda: http://www.w3.org/mid/3769008A-1BC7-433F-AD26-3F6BB6285536@w3.org
16:04:02 <moneill2> moneill2 has joined #dnt
16:04:12 <justin> zakim, who is on the phone?
16:04:12 <Zakim> On the phone I see npdoty, Fielding, RichardWeaver, [FTC], justin, eberkower (muted), ChrisPedigoOPA, [Apple]
16:04:12 <npdoty> scribenick: npdoty
16:04:14 <Zakim> [Apple] has dsinger
16:04:18 <Zakim> +[IPcaller]
16:04:29 <npdoty> justin: want to talk about changes to TPE in the last couple weeks
16:04:36 <justin> zakim, ipcaller is moneill2
16:04:36 <Zakim> +moneill2; got it
16:04:44 <npdoty> ... few remaining issues in compliance
16:04:45 <moneill2> zakim, [IPCaller] is me
16:04:45 <Zakim> sorry, moneill2, I do not recognize a party named '[IPCaller]'
16:05:02 <npdoty> Zakim, take up agendum 1
16:05:02 <Zakim> agendum 1. "TPE Last Call comments" taken up [from npdoty]
16:05:21 <kj> kj has joined #dnt
16:05:43 <Zakim> + +1.813.907.aaaa
16:05:44 <npdoty> fielding: make DOM API attribute nullable in WebIDL description ("?")
16:06:12 <npdoty> ... only change to the document; editorial.
16:06:21 <fielding> issue-240?
16:06:21 <trackbot> issue-240 -- Do we need to define context? -- closed
16:06:21 <trackbot> http://www.w3.org/2011/tracking-protection/track/issues/240
16:06:33 <fielding> issue-254?
16:06:33 <trackbot> issue-254 -- public access devices in intermediaries text -- pending review
16:06:33 <trackbot> http://www.w3.org/2011/tracking-protection/track/issues/254
16:06:35 <npdoty> this list of pending review may be helpful: https://www.w3.org/2011/tracking-protection/track/products/6
16:06:43 <justin> zakim, aaaa is hober?
16:06:44 <Zakim> +hober?; got it
16:07:22 <npdoty> fielding: comment was about adding requirements to an example
16:07:51 <npdoty> ... existing example was about a kiosk environment that might have defaults outside of our control. but if a user brings in their own device, we don't expect the network to change their preferences
16:07:55 <rvaneijk> rvaneijk has joined #dnt
16:08:37 <npdoty> ... suggestion was a clarification for a kiosk environment where users log in and establish a profile, including a DNT setting
16:08:39 <eberkower> it could be Ronan Heffernan from Nielsen. He isn't on IRC so he can't respond
16:08:49 <dsinger> q+ to ask about policies for sites
16:09:12 <npdoty> Zakim, hober? may be heffernan
16:09:12 <Zakim> +heffernan?; got it
16:09:12 <eberkower> zakim, aaaa is likely hefferjr
16:09:13 <Zakim> I don't understand 'aaaa is likely hefferjr', eberkower
16:09:19 <npdoty> ack dsinger
16:09:19 <Zakim> dsinger, you wanted to ask about policies for sites
16:09:35 <Zakim> +rvaneijk
16:09:40 <npdoty> dsinger: do we need a section to talk about sites that have a policy?
16:09:46 <eberkower> Zakim, aaaa is ronan heffernan
16:09:46 <Zakim> I don't understand 'aaaa is ronan heffernan', eberkower
16:09:47 <Zakim> +MECallahan
16:09:54 <mecallahan> mecallahan has joined #DNT
16:09:58 <justin> zakim, who is on the phone?
16:09:58 <Zakim> On the phone I see npdoty, Fielding, RichardWeaver, [FTC], justin, eberkower (muted), ChrisPedigoOPA, [Apple], moneill2, heffernan?, rvaneijk, MECallahan
16:10:00 <npdoty> ... like a first-party site that wants all visitors to have DNT set for their visitors
16:10:02 <Zakim> [Apple] has dsinger
16:10:32 <npdoty> fielding: can set a header field where it's under the user's control. don't need to specify ever possible way.
16:10:35 <dsinger> “An HTTP intermediary must not add, delete, or modify a tracking preference expression in a request forwarded through that intermediary unless the intermediary has been specifically installed or configured to do so by the user making the request. For example, an Internet Service Provider must not inject DNT:1 on behalf of all users who have not expressed a preference.”
16:10:55 <npdoty> ... there was a debate about institutional setting, but conclusion was that it wasn't a user preference.
16:11:31 <npdoty> dsinger: rather, I mean for the site being visited. should a site be able to say that there's a policy of only visiting with DNT?
16:11:34 <Zakim> +Brooks
16:11:35 <Brooks> Brooks has joined #dnt
16:11:46 <justin> q?
16:11:48 <npdoty> fielding: no great objection, but probably raises more problems than it solves.
16:12:00 <npdoty> dsinger: probably right, just raising it as a possibility.
16:12:18 <fielding> issuse-258?
16:12:28 <npdoty> issue-258?
16:12:28 <trackbot> issue-258 -- automatic expiration of a tracking preference -- pending review
16:12:28 <trackbot> http://www.w3.org/2011/tracking-protection/track/issues/258
16:12:55 <npdoty> justin: automatic expiration of the DNT signal or exceptions to it
16:13:07 <npdoty> fielding: TPE would specify a mechanism, requiring automatic expiration
16:13:33 <dsinger> q+ to ask why would a site need automatic expiration?
16:13:39 <npdoty> ... 1) we don't really require how it's set in the first place. 2) always under control of the user agent, so the user can control it, demand it of their user agent rather than have it be set by a server
16:13:54 <npdoty> justin: or the site itself could self-impose an expiration based on the user's own preferences
16:14:07 <npdoty> fielding: right, it just wouldn't be visible to the protocol
16:14:30 <rvaneijk> I am fine with a seperate issue.
16:14:41 <npdoty> fielding: rob had suggested a separate parameter when asking for an exception, which could be raised as a separate issue
16:14:54 <Zakim> +Jeff
16:15:10 <npdoty> ... could be useful if where the server is located requires a specific time (via a law, say)
16:15:20 <npdoty> ... but normally we would implement that with an expiring cookie
16:15:26 <moneill2> +q
16:15:34 <npdoty> ... have a user-granted exception and a cookie telling you how long to maintain that preference
16:15:45 <justin> ack ds
16:15:45 <Zakim> dsinger, you wanted to ask why would a site need automatic expiration?
16:16:05 <npdoty> dsinger: not hard to add an optional parameter. but not clear why the site would need to detail the expiration
16:16:35 <npdoty> ... user agents might handle and might want to handle expiration
16:16:47 <npdoty> fielding: could be a regulatory requirement
16:16:58 <rvaneijk> the requirement is not set  in stone, it is rather: no longer than necessary
16:17:11 <justin> ack mo
16:17:15 <npdoty> justin: article 29 or similar could say that exceptions are only valid for a certain time
16:17:24 <npdoty> dsinger: could just add a cookie as well
16:17:26 <npdoty> q+
16:17:45 <npdoty> moneill2: don't want it to be a cookie because it would also need to be communicated to all your third parties
16:17:55 <npdoty> ... API is controllable by the JavaScript on the server
16:18:13 <npdoty> ... makes sense to store in the database a duration
16:18:32 <npdoty> ... wouldn't cause a lot of trouble
16:18:36 <justin> ack npd
16:18:45 <Zakim> +kulick
16:20:08 <moneill2> +q
16:20:26 <justin> ack mo
16:20:37 <npdoty> npdoty: have a cancel/removeException method for this purpose. gives flexibility about when you cancel
16:21:04 <kulick> kulick has joined #dnt
16:21:23 <Zakim> -moneill2
16:21:49 <Zakim> +[IPcaller]
16:21:59 <moneill2> zakim, IPCaller is me
16:21:59 <Zakim> +moneill2; got it
16:22:19 <npdoty> ... useful for when sites need to cancel, whether after a duration or for any other reason
16:22:24 <fielding> I suggest we make it a new issue and then request specific proposal for changes to spec.
16:22:30 <npdoty> moneill2: what about web-wide exception?
16:22:34 <npdoty> npdoty: have removeWebWideTrackingException as well
16:22:35 <rvaneijk> give users the opportunity to reconsider their choice and change settings after the initial decision and at any time; let the user examine the (automated) choices that have been made with regards to Web Tracking in an easy way; and remind the user that choices regarding the (automated) settings for Web Tracking can be revoked at any time and make sure that a revision of any such choices is technically possible in an easy way that does not put any undue bur[CUT]
16:22:39 <rvaneijk> individual
16:23:01 <npdoty> npdoty: can accomplish with existing functionality, would increase testing costs
16:23:17 <rvaneijk> <copy past from the berlin group paper web tracking and privacy http://www.datenschutz-berlin.de/attachments/949/675.46.13.pdf
16:23:29 <npdoty> moneill2: but could increase transparency to have that duration in the same place, so that users can review it
16:24:03 <moneill2> ok
16:24:06 <npdoty> justin: seems agreement that expiration is something we might want. unclear whether existing functionality or whether we want something new
16:24:06 <justin> q?
16:24:20 <fielding> rvaneijk, I believe those are all controlled by the UA rather than the protocol
16:24:48 <npdoty> action: o'neill to propose specific language for expiration in the user-granted exception API parameters
16:24:48 <trackbot> Created ACTION-458 - Propose specific language for expiration in the user-granted exception api parameters [on Mike O'Neill - due 2014-10-01].
16:24:50 <dsinger> if someone could propose specific changes, that might help
16:24:59 <rvaneijk> @fielding, you may be right, I will discuss with moneill2
16:25:31 <npdoty> fielding: one remaining assigned to me is whether we should describe JSON as ABNF or prose or non-standard formal annotations of JSON -- purely editorial issue but might result in a change
16:25:45 <npdoty> issue-260?
16:25:45 <trackbot> issue-260 -- method for validating DNT signal from user -- raised
16:25:45 <trackbot> http://www.w3.org/2011/tracking-protection/track/issues/260
16:26:01 <npdoty> fielding: added more of the comments to issue-260, to better document that issue
16:26:33 <dsinger> on Shane, see <http://lists.w3.org/Archives/Public/public-tracking/2014Feb/0045.html>
16:26:40 <npdoty> justin: related to an older proposal about signing or otherwise verifying DNT signals.
16:27:00 <npdoty> ... followed up with editors about possible responses (143 and 260 addressed at once)
16:27:11 <npdoty> ... reasonable way to move forward?
16:27:28 <npdoty> fielding: yep. regrets for this coming week.
16:27:51 <npdoty> justin: dsinger update?
16:28:08 <npdoty> dsinger: converging, but waiting for feedback from Microsoft, who I know have implemented the exceptions
16:28:16 <npdoty> ... want to get their feedback; they have concrete experience
16:28:48 <npdoty> ... 4 or 5 proposed by Anne van K, about exceptions API changes
16:29:01 <npdoty> justin: anything else?
16:29:26 <npdoty> dsinger: need to double-check that we have all the issues covered
16:29:55 <fielding> https://www.w3.org/2011/tracking-protection/track/products/6
16:30:13 <fielding> PENDING REVIEW means the editor is "done" and awaiting WG decision
16:31:49 <npdoty> npdoty: summary about CR transition process. respond to all Last Call comments, try to get feedback. transition meeting with Director, based on those responses
16:31:55 <npdoty> topic: Compliance
16:32:08 <npdoty> justin: sent out the Call for Objections on Audience Measurement
16:32:21 <npdoty> ... discussion on the list. please make sure those requirements end up in the CfO questionnaire
16:32:29 <npdoty> ... outstanding CfO on de-identification
16:32:45 <npdoty> ... options are language worked out by a lot of us on the calls, and the safe harbor proposal from Jack
16:32:55 <npdoty> ... please give us your feedback on that in the next couple of days
16:33:09 <npdoty> ... one CfO closed, only a couple responses, on link shorteners
16:33:19 <justin> q?
16:33:33 <npdoty> ... only comments were opposed to silence, wanted to add language. so we'll go ahead with adding that language (that nick had worked out with some)
16:33:46 <npdoty> action: doty to add shortened URL language to Compliance
16:33:46 <trackbot> Created ACTION-459 - Add shortened url language to compliance [on Nick Doty - due 2014-10-01].
16:34:00 <npdoty> Zakim, take up agendum 2
16:34:00 <Zakim> agendum 2. ""tracking" in compliance" taken up [from npdoty]
16:34:03 <kulick> http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Tracking_Third_Party_Compliance
16:34:38 <npdoty> justin: dsinger proposal was just changing to refer to "tracking" in the existing requirements
16:34:46 <rvaneijk> npdoty, this is still M1 status, right?
16:35:01 <npdoty> justin: fielding had a proposal on prohibiting tracking, remove 1st/3rd party distinction
16:35:14 <ChrisPedigoOPA> q+
16:35:20 <npdoty> ... but that might avoid our past discussions on first/third party distinction
16:35:37 <justin> ack chris
16:35:41 <npdoty> ... fielding had additional proposal on a first-party permitted use to recognize the distinction
16:35:53 <rvaneijk> justin, npdoty, this is still M1 status, right?
16:36:00 <npdoty> ... not sure how to narrow down these proposals to consensus now
16:36:11 <npdoty> ChrisPedigoOPA: my concern about proposal 3 is well-known
16:36:12 <justin> rvaneijk, yes, I think so . . . don't think we're quite close enough to firm options.
16:36:27 <npdoty> ... think proposal 4 from fielding is essentially just re-wording what we've already agreed to
16:36:38 <npdoty> ... can we get a summary of dsinger's proposal?
16:36:54 <npdoty> q+ on "tracking data"
16:37:10 <npdoty> dsinger: proposed this before in order to use defined terms
16:37:20 <npdoty> ... but tracking as more tunnel-vision proposal from before
16:38:06 <npdoty> ChrisPedigoOPA: think there might be less dispute on this one
16:38:07 <Zakim> -Brooks
16:38:11 <justin> ack npd
16:38:11 <Zakim> npdoty, you wanted to comment on "tracking data"
16:38:14 <npdoty> justin: don't intend to use CfO
16:39:09 <justin> FYI, npdoty's email summarizing the four proposals: http://lists.w3.org/Archives/Public/public-tracking/2014Sep/0016.html
16:39:41 <fielding> q+
16:39:45 <justin> ack field
16:41:00 <justin> scribenick: mecallahan
16:41:01 <mecallahan> mecallahan to scribe
16:41:26 <fielding> q+
16:41:26 <mecallahan> npdoty:  two isues.  1) dont want to change the structure
16:42:10 <mecallahan> npdoty: 2) first party permitted use defintion.  this does not see to track "purpose" this recommendation is more of a "status".
16:42:25 <dsinger> the permitted use would be a ‘referal permitted use’ which would only be available to first parties
16:42:29 <schunter> schunter has joined #dnt
16:42:44 <mecallahan> inpdoty:  it is strange to have this use as a purpose
16:42:50 <dsinger> ‘I am the first party and claim the referal permitted use’
16:43:14 <mecallahan> jnpdoty:  3) how would we handle downstream data?
16:44:19 <mecallahan> justin:  under roy's proposal, a party cannot retain third party data if stored with other third party data.  why is that a problem?
16:44:54 <mecallahan> npdoty:  if a third party collects but does not track, it doesnt seem fair to let the third party collect and share third party data (and allow other third parties to track?)
16:45:14 <mecallahan> justin:  i thought you couldnt send data downstream?  Roy:  yes,
16:45:36 <mecallahan> npdoty:  you have to put a prohibition on downstream in other sections
16:46:10 <justin> q?
16:46:17 <mecallahan> justin:  is there a substantive difference between the two?  which framework less confusing to implementers?
16:46:23 <rvaneijk> I need more time to review the two proposals.
16:46:24 <justin> ack fielding
16:46:48 <mecallahan> fielding:  a brief caution.  the statement "this is what we agreed to earlier" is not yet a group decision.
16:47:12 <mecallahan> fielding:  not everything is a working group decision.
16:47:16 <mecallahan> Justin:  i dont care.
16:47:49 <mecallahan> justin:  if the group thinks fieliding's version is better, we should go with that.
16:47:49 <npdoty> I'm not suggesting that the structure of the document is a past WG decision. I was referring to the general prohibition against collecting, retaining, using data collected as a third-party.
16:48:24 <mecallahan> justin:  i think the major objections with fielding's proposal (major questions on obligations on first parties) may have been addressed.
16:48:32 <npdoty> q+ to ask if we are down to two proposals
16:48:44 <mecallahan> justin: do folks need more time to consider the options?  justin views the options as the same.
16:49:06 <justin> ack npd
16:49:06 <Zakim> npdoty, you wanted to ask if we are down to two proposals
16:49:31 <mecallahan> npdoty:  question on which version do people want to go with?  if the proposals are 1 and 4 in the wiki, we can also consider Roy's proposal 3
16:49:44 <mecallahan> justin: does David singer still support option 2?
16:49:48 <fielding> I can drop option 3 in the interests of time.
16:49:57 <npdoty> yeah, I support "Proposal 1" (an iteration on dsinger's proposal)
16:49:59 <dsinger> …needs to think.
16:50:26 <kulick> we've always left the editor's draft with the options to see the deltas easily if nothing else
16:50:26 <npdoty> (I prefer it over the editor's draft text, I think)
16:50:38 <dsinger> whatever we do has to be harmonious with, and use, our definition of tracking, IMHO
16:50:50 <mecallahan> Justin: does anyone support the existing language in editor's draft?  if not, presumption going with one of the alternatives.  folks should review other optiosn.  which one would be more understandable?
16:51:07 <npdoty> kulick, yeah, we can leave the text in the wiki, but still useful to know which proposals we're pursuing
16:51:13 <justin> q?
16:51:21 <mecallahan> justin:  there is agreement on what we are trying to accomplish, open question on which one is more understandable/useful?
16:51:33 <mecallahan> justin: not sure what else there is for discussion.
16:52:03 <mecallahan> justin;  e.g., graduated response in the security language.  anything else?
16:52:10 <mecallahan> justin:  let justin know.
16:52:22 <fielding> npdoty, I am absolutely certain that we did not decide on any general prohibition against collecting data as a third party
16:52:35 <justin> q?
16:52:44 <mecallahan> justin: anything else to discuss before closing call?
16:52:48 <npdoty> fielding, that's a high level of certainty :)
16:53:15 <Zakim> -[FTC]
16:53:19 <Zakim> -rvaneijk
16:53:20 <Zakim> -[Apple]
16:53:20 <Zakim> -ChrisPedigoOPA
16:53:21 <Zakim> -justin
16:53:21 <Zakim> -kulick
16:53:21 <Zakim> -RichardWeaver
16:53:23 <Zakim> -heffernan?
16:53:27 <Zakim> -npdoty
16:53:28 <mecallahan> Justin:  next week focus?  no Singer and Fielding.  maybe a short call, depeding on TCS.
16:53:30 <Zakim> -MECallahan
16:53:31 <Zakim> -moneill2
16:53:33 <Zakim> -eberkower
16:53:34 <mecallahan> bye.
16:53:34 <Zakim> -Jeff
16:53:39 <npdoty> thanks, mecallahan, for filling in as scribe
16:53:45 <Zakim> -Fielding
16:53:46 <Zakim> T&S_Track(dnt)12:00PM has ended
16:53:46 <Zakim> Attendees were npdoty, Fielding, RichardWeaver, [FTC], justin, eberkower, ChrisPedigoOPA, dsinger, moneill2, +1.813.907.aaaa, heffernan?, rvaneijk, MECallahan, Brooks, Jeff, kulick
16:53:46 <npdoty> Zakim, list attendees
16:53:47 <Zakim> sorry, npdoty, I don't know what conference this is
16:53:56 <npdoty> rrsagent, please draft the minutes
16:53:56 <RRSAgent> I have made the request to generate http://www.w3.org/2014/09/24-dnt-minutes.html npdoty
16:54:30 <npdoty> rrsagent, bye
16:54:30 <RRSAgent> I see 2 open action items saved in http://www.w3.org/2014/09/24-dnt-actions.rdf :
16:54:30 <RRSAgent> ACTION: o'neill to propose specific language for expiration in the user-granted exception API parameters [1]
16:54:30 <RRSAgent>   recorded in http://www.w3.org/2014/09/24-dnt-irc#T16-24-48
16:54:30 <RRSAgent> ACTION: doty to add shortened URL language to Compliance [2]
16:54:30 <RRSAgent>   recorded in http://www.w3.org/2014/09/24-dnt-irc#T16-33-46