W3C

- DRAFT -

Tracking Protection Working Group Teleconference

19 Oct 2016

See also: IRC log

Attendees

Present
npdoty, mikeoneill, ChrisPedigoDCN, schunter, aleecia, jeff, simonkrauss, vincent
Regrets
wseltzer, dsinger
Chair
SV_MEETING_CHAIR
Scribe
npdoty

Contents

<schunter> Topics:

<schunter> - New Charter - Feedback

<schunter> - What to best do with the TCS (Option 1, Option 2, ...()

<scribe> scribenick: npdoty

<schunter> Simon Kraus

<schunter> Chris Pedigo

<schunter> Jeff

<schunter> Cable Labs

Simon: affiliated with CableLabs, attended previous meetings, wanted to check in

Summary

schunter: initially, many participants. group standardized one protocol for user agents to express and sites to respond with how they honor
... another piece Tracking Compliance defines behavior to respond to a Do Not Track signal
... process reached agreement, but people not sure if it's too strict or too lax
... group activated on the prospect of closing the group, in particular in response to new European regulation
... breakout at TPAC, with implementation interest
... that's the current status: trying it out, or if it doesn't work, letting go

Charter

schunter: drafted a charter and sent it around
... extend a charter for an implementation study, may or may not do spec updates
... if we see enough value, then we publish a Recommendation
... if unsurmountable problems, we cease work
... focus is on the technical piece, over the compliance piece

https://lists.w3.org/Archives/Public/public-tracking/2016Oct/att-0025/03-part

https://lists.w3.org/Archives/Public/public-tracking/2016Oct/0025.html

<vincent_> thanks npdoty

schunter: going through charter differences (see link)

mikeoneill: responded on list, important to note what the changes are
... expand on the details of the user control aspects and transparency of tracking status resource

schunter: like a feature overview?

aleecia: I think this is fine. are success criteria and exit criteria the same thing?
... don't want to hit exit criteria but not move forward

schunter: I think it's our decision not to move forward even if we have met requirements, but want to be more confident about utility

jeff: interpret "success criteria" informally, not specific to Recommendation status
... to reach Rec status, have to go through other steps of the Process document, that defines what it means to get to Rec
... maybe these are a little redundant

aleecia: frustration that we *could* push it out, but we're not going to
... so would like clarity about what it takes to get it out into the world

schunter: would be helpful if it could be more conclusive
... can discuss levels of success now to avoid confusion later

aleecia: concern that not publishing final Recommendation inhibits activity
... much more potential after it gets published [as a Recommendation] than before
... for example, press or implementer interest

mikeoneill: would matter whether feedback from regulators say it's sufficient for GDPR satisfaction

vincent_: could try to get informal feedback now

schunter: if adoption is likely after Recommendation, then success is to: publish a stable Recommendation informed by EU regulation

<schunter> Production of stable Recommendation-track specifications that is extended by the minimally required definitions of TCS and is informed by studies of the emerging EU privacy regulations. We studied the emerging EU privacy regulations and documented benefits of the TPE to comply with the emerging EU privacy regulations.

<schunter> We studied the emerging EU privacy regulations and documented benefits of the TPE to comply with the emerging EU privacy regulations.

<schunter> Production of stable Recommendation-track specifications that is extended by the minimally required definitions of TCS and is informed by studies of the emerging EU privacy regulations.

<schunter> Revised version:

<schunter> Production of stable Recommendation-track specifications that is extended by the minimally required definitions of TCS.

jeff: fine to change the success criteria. if we put our heads down and focus narrowly on Rec, without in parallel working with regulators and implementers, I'd be skeptical of the outcome
... should be parallel bootstrapping of this work with working with regulators and implementers

<schunter> The revised TPE will be informed by informed by studies of the emerging EU privacy regulations and other compliance documents.

<schunter> Bonus: We can demonstrate that TPE can simplify compliance – ideally endorsed by some EU regulators.

<Zakim> jeff, you wanted to discuss the importance of having a bootstrapping strategy

jeff: which group (this Working Group, a Community Group, something else) is going to step up to work with regulators?

<schunter> Revised success criteria

<schunter> 1. Production of stable Recommendation-track specifications that is extended by the minimally required definitions of TCS.

<schunter> 2. The revised TPE will be informed by informed by studies of the emerging EU privacy regulations and other compliance documents.

<schunter> 3. Bonus: We can demonstrate that TPE can simplify compliance – ideally endorsed by some EU regulators.

vincent_: can provide feedback based on how GDPR would be implemented in 2018, will work with Rob
... Article 29 already provided some feedback on TPE. since we have GDPR text now, should be easier to see how it complies or not
... regulators are certainly paying attention

jeff: anything you can do to encourage that activity (workshops, etc.) would be useful

vincent_: Do Not Track is being discussed as one solution to being compliant

jeff: charter has a list of dependencies and liaisons, including vague reference to working with external groups like regulators
... identifying actual groups by name that are doing specific work related to DNT would strengthen the charter

schunter: +1
... Article 29, or other bodies?

<Zakim> npdoty, you wanted to comment on "out of scope"

<jeff> Nick: Why is TCS out of scope?

<jeff> ... don't we want to review feedback to TCS?

<jeff> @@: I agree

<jeff> ... we don't want the press to see that we dropped TCS

npdoty: expect activity to focus on TPE, but don't want TCS out of scope when we are currently collecting feedback

<jeff> Aleecia: +1 to collecting feedback

<jeff> ... ds agrees

<mikeoneill> +1

ChrisPedigoDCN: I agree, we are looking at implementation, and wouldn't want to indicate lack of further work on that topic

schunter: note that we are open to different compliance regimes
... to the extent that we define terms (like "tracking"), does that limit compliance?
... I'll update the paragraph to say that we keep TCS and collect feedback, but not adding it as part of success criteria
... regarding TCS future, should we change to a Note? or, per dsinger, if there is sufficient interest, we can publish as a Rec

jeff: relatively short charter period, through August 2017. my guess is that it may be too early to make a decision
... gather implementation feedback during the year, but may not decide on its future until then

schunter: decouple, wait and see on implementation from Compliance
... what's the policy if a group ends? automatically becomes Notes?

jeff: can remain as a Candidate Recommendation, or can choose to publish as a Note

<jeff> Nick: We don't need to be that specific about TCS

<jeff> ... whether in the Charter to say it will be a Note.

<jeff> ... the group can always decide that in the middle of the charter period.

schunter: consensus is for TCS in maintenance mode, no decision on ultimate status

jeff: nothing negative to say that we're going to gather implementation feedback, that's just the next logical step at this point

[npdoty: +1]

schunter: maintain TCS, but not list it in the success criteria
... have some ideas about how to write it into the charter

ChrisPedigoDCN: not about making it a Note, but about collecting feedback

schunter: right, remains Candidate Rec while we gather information
... send an update soon, if we're fine, then go through w3c process for charter

timeline?

schunter: re-charter for 1 year, end of 2017

anything else?

thanks for joining. next call in 2 weeks

trackbot, end meeting

Summary of Action Items

Summary of Resolutions

[End of minutes]
Minutes formatted by David Booth's scribe.perl version 1.148 (CVS log)
$Date: 2016/10/19 16:50:00 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.148  of Date: 2016/10/11 12:55:14  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/end of 2018/end of 2017/
Found ScribeNick: npdoty
Inferring Scribes: npdoty
Default Present: npdoty, mikeoneill, ChrisPedigoDCN, schunter, aleecia, jeff, simonkrauss, vincent
Present: npdoty mikeoneill ChrisPedigoDCN schunter aleecia jeff simonkrauss vincent
Regrets: wseltzer dsinger

WARNING: No meeting chair found!
You should specify the meeting chair like this:
<dbooth> Chair: dbooth

Found Date: 19 Oct 2016
Guessing minutes URL: http://www.w3.org/2016/10/19-dnt-minutes.html
People with action items:
[End of scribe.perl diagnostic output]