16:54:52 RRSAgent has joined #dnt 16:54:52 logging to http://www.w3.org/2014/12/17-dnt-irc 16:54:54 RRSAgent, make logs world 16:54:54 Zakim has joined #dnt 16:54:56 Zakim, this will be TRACK 16:54:56 ok, trackbot; I see T&S_Track(dnt)12:00PM scheduled to start in 6 minutes 16:54:57 Meeting: Tracking Protection Working Group Teleconference 16:54:57 Date: 17 December 2014 16:58:57 T&S_Track(dnt)12:00PM has now started 16:59:05 +npdoty 17:00:41 justin has joined #dnt 17:01:10 regrets+ schunter 17:01:27 Zakim, who is on the phone? 17:01:27 On the phone I see npdoty 17:01:57 dsinger has joined #dnt 17:02:04 +Chris_Pedigo 17:02:13 fielding has joined #dnt 17:02:15 +[IPcaller] 17:02:22 +Wendy 17:02:23 zakim,[IPCaller] is me 17:02:24 +moneill2; got it 17:02:30 +[Apple] 17:02:40 zakim, [apple] has dsinger 17:02:40 +dsinger; got it 17:02:45 +[FTC] 17:02:50 +Fielding 17:03:26 vincent has joined #dnt 17:03:30 WileyS has joined #dnt 17:03:45 +justin 17:04:13 +WileyS 17:04:36 Carl_Cargill has joined #dnt 17:04:37 +vincent 17:04:49 +Carl_Cargill 17:05:22 scribenick: wseltzer 17:05:45 zakim, agenda? 17:05:45 I see nothing on the agenda 17:05:52 justin: First issue, gateway, tracking status value 17:05:52 issue-262? 17:05:52 issue-262 -- guidance regarding server responses and timing -- pending review 17:05:52 http://www.w3.org/2011/tracking-protection/track/issues/262 17:06:10 ... Shane, any comments? 17:06:20 ... Main issue whether we'll allow gateways to signal N or T 17:06:37 +q 17:06:38 ... Roy said, sure, N, if they can say with conficence everyone theyre sharing with agrees not to track 17:06:58 ... Vincent sent a note this morning (US time), saying it shoudl send G regardless 17:07:03 removing those is fine with me … I was just trying to capture all the requested input 17:07:08 ack wileys 17:07:09 Agree to Roy only on "G", agree with Rob & T on removing T and N - disagree with Mike 17:07:26 WileyS: I agree with Roy on G 17:07:33 T = vomcemt 17:07:34 ... I agree with Rob and Vincent on removing T and N 17:07:42 ... G is a safer signal 17:07:42 s/vomcemt/vincent 17:07:59 kulick has joined #dnt 17:08:00 ... There may be edge cases where T or N work, but don't know that we want to go that route 17:08:08 ... Disagree with Mike's comment from earlier today 17:08:16 ... Want to keep the gateway as neutral as possible 17:08:32 ... they don't build their own profiles; cross-site tracking only to degree they meet permitted uses 17:08:34 +q 17:08:45 moneill2, did you have a problem with just using the Tk response header from the bid winner? 17:08:47 i/First issue,/Topic: TPE Last Call Comments/ 17:09:01 +kulick 17:09:12 WileyS: gateway not trying to take position for sites it services; let them speak for themselves 17:09:25 ... spoke with other gateways, none retains info in a bid-loss scenario 17:09:27 thanks for checking on that, WileyS 17:09:45 ... would only send G if if felt bid losers are retaining no tracking data; bid winner will respond for itself. 17:10:00 ... That seems shortest way to say all 3 elements 17:10:16 justin: So, you'd be fine with proposed deletion of 2 paragraphs, ok with Roy's language? 17:10:28 WileyS: Yes, of course needing to see final language 17:10:38 justin: delta between Roy's description and permitted uses 17:11:22 ... we should all be on same page on what gateway is permitted to retain 17:11:22 Gateways faciliate frequency capping 17:11:32 ah, oky 17:11:32 ... I thought other folks weren't expecting permitted uses by gateway 17:11:35 ack mon 17:11:48 moneill2: 2 aspects in what I put on the list 17:12:03 ... gateway has to extend preference 17:12:32 q+ 17:12:33 ... but it can't tell difference between site-specific and general preference 17:12:40 I thought Roy’s text said you need to forward the “expressed preference” 17:12:48 WileyS, could we have example of contract/ToS of ad-exchange to check the status of service provider? try to find some but it's hard to find except for doubeclick 17:13:09 ... difference between gateway and normal situation is that there's no element on the page by which user can ID gateway 17:13:56 ... consider polaris technical blocking, on what elements will it apply? 17:14:23 Vincent, those contracts are covered by NDA so I'm not able to distribute 17:15:04 ... use the controller property as way for gateway to tell UAs which parties have received the data 17:15:09 I think a server can use the controller property that way right now, if it wants to 17:15:32 justin: vision of G.... 17:15:56 ... if the gateway is sending info and don't know what recipients will do with it, what shoudl they send? 17:16:02 ... T, as Roy said? 17:16:06 ack fielding 17:16:09 q+ 17:16:10 WileyS, is there a generic template (not an actual contract) that could use? 17:16:33 fielding: to Mike's concerns. When users sends DNT:1 to gateway, it's saying "you can share with other parties" 17:16:38 I think even without that paragraph in question, the server can send “T” back if it’s going to be tracking 17:16:48 ... so it doesn't matter whether it's site-specific or general 17:16:58 Fair point, thanks npdoty, I think that's right. 17:17:09 Though not sure why we shouldn't explicitly say it in the document. 17:17:13 +q 17:17:19 q- 17:17:20 ack mo 17:18:26 q+ 17:18:39 could the gateway get a webwide exception anyway? 17:18:43 Site-wide would cover the exchange use case! 17:18:55 q+ on the T response value 17:18:58 site-wide covers all parties on that site 17:19:15 Site X and it's partners... 17:19:15 If the hosting site (Newspaper) has a site exception, all 3rd parties on that site get dnt:0 17:19:24 Zakim, who is making noise? 17:19:34 npdoty, listening for 10 seconds I heard sound from the following: [Apple] (20%), Fielding (54%) 17:19:35 I also think that site-wide would cover Ad-X 17:20:12 q? 17:20:20 q+ 17:20:32 moneill2: I can't see how if the gateway gets a DNT:0 it doesn't pass it on 17:20:51 s/moneill2/dsinger/ 17:20:54 fielding: that doesn't have to be part of our protocol 17:21:01 ack npd 17:21:01 npdoty, you wanted to comment on the T response value 17:21:36 npdoty: even if we delete the T and G paragraph, we might have situations when G doesn't fit 17:21:48 I mean, if the site has agreed to additional restrictions, then it should be telling the exchange through the exchange's API (usually the resource URIs) 17:22:21 ... where you're not going to get more information via TK header 17:23:18 ack vincent 17:23:21 I think the “N” when all my gateway parties have already agreed is possible, but not a particularly important case 17:23:28 justin: Looking for something for an exchange to send back when it can't vouch for everything down the line 17:23:34 BTW, we are talking about http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#TSV-G 17:24:13 vincent: perhaps add requirement that gateway should not seek sitewide exception 17:24:37 ... I meant web-wide exception 17:24:59 again, having permission from the user is not a concern of ours. Think Nielsen. 17:25:11 if it gets a web-wide exception by convincing me that it’s a really trustworthy site, sounds good to me 17:25:54 “we always work with this group of companies, and they make up a really good service” 17:26:03 q? 17:26:53 justin: is it appropriate to ask someone working as an exchange to do something quite different 17:27:03 ok, sounds good to me then 17:27:29 justin: Vincent, are you ok removing language around T, giving ability to send N? 17:27:49 yes, fine with me 17:27:50 not removing language about T, but removing language about N 17:28:10 Well, there is always the ability to not send G. 17:28:21 s/around T, giving ability to send N/around N, giving ability to send T/ 17:28:48 if you’re not tracking, you can send N, as described in the other sections 17:29:00 Right, it is really just advice. 17:29:08 sharing is tracking 17:29:36 It could be a gateway that only exists on one party's site 17:30:03 dsinger: Need a note that transferring information to another party may be considered tracking? 17:30:52 justin: I thought it was clear in the definition of tracking, but add a note if you think useful 17:30:52 q? 17:30:55 "When a third party to a given user action receives a DNT:1 signal in a related network interaction that party MUST NOT collect, share, or use tracking data related to that interaction;" 17:31:22 q+ 17:31:23 I believe that's a TCS issue, not TPE 17:31:45 ack npd 17:31:47 to Vincent, that seems pretty clear: a gateway asking another 3rd party to satisfy is necessarily sharing, isn’t it? 17:32:06 Correct - OOBC 17:32:17 OBC/UGE 17:32:26 q? 17:32:45 I think we don’t have a solution for losing bidders to claim out-of-band consent, as they don’t have the ability to communicate that to the end user 17:32:50 dsinger, yes hence the discussion about the service provider status 17:32:59 q? 17:33:16 q+ 17:33:21 ack vincent 17:33:27 q+ 17:33:45 vincent: could we see a template of a contract with an ad exchange? 17:33:46 How about we re-visit the definition of "tracking" ... ;) 17:33:52 ... not the confidential details 17:33:52 Another option would be to redefine the term "tracking" :-D (My x-mas gift to the working group) 17:33:53 j/k 17:34:06 is this different from “service provider” definition that we already have settled? 17:34:46 vincent: TOS of ad exchange, so we could see if they're service providers 17:35:00 relevant section of “service provider” definition from compliance: 17:35:03 ack fielding 17:35:04 has no independent right to use the data other than in a permanently deidentified form (e.g., for monitoring service integrity, load balancing, capacity planning, or billing); 17:35:34 fielding: I used "service provider" from discussion; could instead replace with terms applying to gateways 17:35:34 schunter has joined #dnt 17:35:42 q? 17:35:44 justin: that sounds useful 17:35:57 fielding: we do use service provider in another definition, but not so important 17:36:05 q? 17:36:24 issue-260? 17:36:24 issue-260 -- method for validating DNT signal from user -- raised 17:36:24 http://www.w3.org/2011/tracking-protection/track/issues/260 17:36:33 justin: sounds like progress, wait for the editors to come back with text 17:36:56 email from fielding http://lists.w3.org/Archives/Public/public-tracking/2014Dec/0020.html 17:37:05 The response doesn't meet industry's needs here and will continue to be the primary reason others will not support this standard voluntarily. 17:37:37 Can we apply a CfO here? 17:37:41 justin: Shane, do you want us to go through Call for Objections process on this? 17:38:11 WileyS: I believe we'd already covered this pre LC 17:38:15 ... it came up again at LC 17:38:27 is there a way that WileyS or others would see a way that would meet those needs? 17:38:43 ... since it already went through CfO, and chairs determined not to address; we're still getting objections 17:38:50 ... I don't know if a CfO now will change anything 17:39:00 ... We were hoping for a technical solution 17:39:08 ... here, we don't have the multiple options on the table. 17:40:18 justin: chairs have said that of the options before the group, I agree with Roy's approach 17:40:26 I’m not sure which previous CfO is the relevant one 17:40:28 I think the response is “there is no other way it can be”, alas. There is no answer to “does the user really really really mean it?” (except asking the user again, which is always posisble) 17:41:05 if we don’t have plausible options, then I would agree that the CfO doesn’t really make sense as a process step 17:41:18 ... if it's an issue blocking CR, say it then 17:41:20 q? 17:41:27 ... so I'd suggest we move on, close 17:41:51 Topic: Compliance issues 17:41:58 justin: Last issues in TCS, use of tracking 17:42:03 ack npd 17:42:18 npdoty: I haven't made changes since last week, but several changes before last week's call 17:42:23 http://www.w3.org/wiki/Privacy/TPWG/Editorial_corrections 17:42:42 I heard npdoty is keeping a list, like santa 17:42:45 issue-203? 17:42:45 issue-203 -- Use of "tracking" in third-party compliance -- open 17:42:45 http://www.w3.org/2011/tracking-protection/track/issues/203 17:42:59 npdoty: made some changes last week to address scope 17:43:43 fielding: still have to review. Likely concerns along the lines of what Vincent quoted 17:43:59 I would welcome any clarifications on that point (data collection that could only happen in one context) 17:44:00 ... will try to review this week 17:44:12 q+ 17:44:25 justin: I'll send email re orphaned issues 17:44:31 ack npd 17:45:04 npdoty: I'd welcome good thorough reviews from folks. I'll try to make my changes before Christmas 17:45:09 ... and then welcome re-readers 17:45:43 justin: encourage you all to re-read, report bugs and issues 17:46:15 q? 17:46:23 ... we'll send updated timelines 17:46:59 ... Plan for TCS last call soon; as Nick says, open issues are editorial, not substantive 17:47:26 yeah, I think we’ll be ready for Last Call on Compliance in January 17:47:48 dsinger: You'll see an email "this is the LC candidate"? 17:48:00 sounds right to me, dsinger 17:48:06 justin: we can CR TPE before TCS to LC 17:48:09 (I agree that TPE can go to CR before) 17:48:38 npdoty: they don't have to go to CR at the same time 17:48:56 justin: we need to resolve the gateway issue; editorial changes to TPE 17:49:00 q? 17:49:06 ... think both can move forward in January 17:49:17 ... when editors think docs are ready 17:49:27 q? 17:49:50 q? 17:50:16 -WileyS 17:50:17 -kulick 17:50:17 -Chris_Pedigo 17:50:19 -Carl_Cargill 17:50:19 -justin 17:50:20 -[FTC] 17:50:21 -npdoty 17:50:23 -[Apple] 17:50:25 [adjourned] 17:50:29 thanks wseltzer for scribing 17:50:30 -Wendy 17:50:32 -vincent 17:50:33 happy holidays to all 17:50:34 -moneill2 17:50:37 trackbot, end meeting 17:50:37 Zakim, list attendees 17:50:37 As of this point the attendees have been npdoty, Chris_Pedigo, Wendy, moneill2, dsinger, [FTC], Fielding, justin, WileyS, vincent, Carl_Cargill, kulick 17:50:45 RRSAgent, please draft minutes 17:50:45 I have made the request to generate http://www.w3.org/2014/12/17-dnt-minutes.html trackbot 17:50:46 RRSAgent, bye 17:50:46 I see no action items