- From: Alan Chapell <achapell@chapellassociates.com>
- Date: Thu, 13 Jun 2013 16:57:50 -0400
- To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>, <public-tracking@w3.org>
- Message-ID: <CDDFA9DE.332C2%achapell@chapellassociates.com>
Hi Matthias - The problem is that this language conflicts with language being drafted in the Compliance document and will ultimately need to be harmonized with the compliance document language. That said, I'm a bit confused. Two weeks ago, I accepted the assignment (Action-231, issue-153 requirement) to edit language in this section of the TPE. That would indicate that there WAS an open issue, correct? Cheers, Alan Chapell Chapell & Associates 917 318 8440 From: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org> Date: Thursday, June 13, 2013 4:41 PM To: <public-tracking@w3.org> Subject: Re: June Draft of the DNT compliance spec Resent-From: <public-tracking@w3.org> Resent-Date: Thu, 13 Jun 2013 20:53:14 +0000 > > Hi Alan, > > from a TPE perspective, this issue has been closed and Section 3 contains our > normative text at this point. > > Regards, > matthias > > > On 13/06/2013 22:09, Alan Chapell wrote: > > >> >> >> >> Hi John - >> >> >> >> >> >> >> I'm not sure I agree that there was consensus re: User Preference language. >> It would more accurate to say that this language remained in the documents >> for a period of time because those who challenged it were told that any >> changes were out of scope of our charter. >> >> >> >> >> As we've made changes to the Compliance doc in this area, it also made sense >> to revisit corresponding language in the TPE. >> >> >> >> >> From my perspective, simply implying a tracking preference in the name of the >> plug-in or extension doesn't come close to ensuring that the User has made an >> informed decisions with respect to DNT. >> >> >> >> >> Happy to discuss further if helpful. >> >> >> >> >> >> >> >> >> >> >> >> >> >> From: John Simpson <john@consumerwatchdog.org> >> Date: Thursday, June 13, 2013 2:08 PM >> To: Justin Brookman <jbrookman@cdt.org> >> Cc: Chris Mejia <chris.mejia@iab.net>, "public-tracking@w3.org Group" >> <public-tracking@w3.org> >> Subject: Re: June Draft of the DNT compliance spec >> Resent-From: <public-tracking@w3.org> >> Resent-Date: Thu, 13 Jun 2013 18:09:00 +0000 >> >> >> >> >> >>> >>> >>> Indeed, there has long been this language in Section 3 of the TPE, >>> Determining User Preference: >>> >>> >>> >>> "A user agent MUST have a default tracking preference of unset (not enabled) >>> unless a specific tracking preference is implied by the decision to use that >>> agent. For example, use of a general-purpose browser would not imply a >>> tracking preference when invoked normally as SuperFred, but might imply a >>> preference if invoked as SuperDoNotTrack or UltraPrivacyFred. Likewise, a >>> user agent extension or add-on MUST NOT alter the tracking preference unless >>> the act of installing and enabling that extension or add-on is an explicit >>> choice by the user for that tracking preference. >>> >>> >>> >>> >>> Looks to me like it's open season on any text that many of us understood to >>> represent consensus... >>> >>> >>> >>> >>> On Jun 13, 2013, at 7:00 AM, Justin Brookman <jbrookman@cdt.org> wrote: >>> >>> >>>> >>>> I was just giving the historical context. The idea that a privacy-specific >>>> user agent could send DNT:1 without more disclosure had been agreed to for >>>> several months, and then was later revisited. Similar to the security >>>> language that had been worked out nearly a year ago . . . >>>> >>>> >>>> >>>> Please say that no one has an action item to redefine "party." :) >>>> >>>> >>>> >>>> >>>> On Jun 13, 2013, at 9:53 AM, Chris Mejia <chris.mejia@iab.net> wrote: >>>> >>>> >>>>> >>>>> >>>>> Hi Justin, >>>>> >>>>> >>>>> >>>>> >>>>> I don't believe we are in full agreement on this. Please see the text >>>>> that Alan and I submitted yesterday, on requirements for agents >>>>> sending/altering a user's preference expression. >>>>> >>>>> >>>>> >>>>> >>>>> Best, >>>>> >>>>> >>>>> >>>>> >>>>> Chris >>>>> >>>>> >>>>> ++++++++++++++++++++++++ >>>>> >>>>> Chris Mejia >>>>> >>>>> Digital Supply Chain Solutions >>>>> >>>>> Ad Technology Group >>>>> >>>>> Interactive Advertising Bureau - IAB >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Jun 10, 2013, at 11:37 AM, "Justin Brookman" <jbrookman@cdt.org> >>>>> wrote: >>>>> >>>>> >>>>> >>>>>> >>>>>> >>>>>> Previously, I thought we had agreement that selection of a special >>>>>> privacy-protective product or setting could imply consent to send DNT:1 >>>>>> This agreement is currently reflected in the TPE in Section 3: >>>>>> http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#deter >>>>>> mining. For example, I believe that Safari turns on DNT:1 whenever >>>>>> someone engages "Private Browsing" mode, despite no specific language >>>>>> about Do Not Track: http://www.apple.com/safari/features.html >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> However, that language/agreement may have been subsumed by more recent >>>>>> discussions. >>>>>> >>>>>> >>>>>> >>>>>> On Jun 10, 2013, at 11:15 AM, "Craig Spiezle" <craigs@otalliance.org> >>>>>> wrote: >>>>>> >>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> I apologize for possibly bringing up a closed issue, but do you see a >>>>>>> distinction between a browser or a privacy / security enhancing product? >>>>>>> I agree with what is proposed by a browser, but see there might be other >>>>>>> scenarios where the consumer is making an implied decision when >>>>>>> acquiring a third party security / privacy add-on?. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Conceptually let¹s call the product Privacy and Data Protector which by >>>>>>> default out of the box offers ³maximized protection of your data >>>>>>> collection and privacy². Could one argue that one who purchases such a >>>>>>> product in effect is making an implied decision to use such >>>>>>> functionality. Better yet Ad-Block Plus? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> From: Shane Wiley [mailto:wileys@yahoo-inc.com <http://yahoo-inc.com/> ] >>>>>>> Sent: Monday, June 10, 2013 7:17 AM >>>>>>> To: Alan Chapell; Peter Swire; public-tracking@w3.org >>>>>>> Subject: RE: June Draft of the DNT compliance spec >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Friendly amendment suggestion: >>>>>>> >>>>>>> >>>>>>> >>>>>>> ³Šunless they have otherwise obtained consent from the user to do so.² >>>>>>> >>>>>>> >>>>>>> >>>>>>> - Shane >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> From: Alan Chapell [mailto:achapell@chapellassociates.com] >>>>>>> Sent: Monday, June 10, 2013 6:31 AM >>>>>>> To: Peter Swire; public-tracking@w3.org >>>>>>> Subject: Re: June Draft of the DNT compliance spec >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thanks Peter. I'm still generally uncomfortable that DNT doesn't place >>>>>>> requirements on First Parties. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> One item of particular concern that seems to have fallen off the radar >>>>>>> is the scenario where a party collects data in a first party context and >>>>>>> attempts to use it in a third party context when DNT is enabled. I >>>>>>> thought there was agreement on this issue. However, I keep raising it, >>>>>>> and it doesn't seem to make it into the drafts. Perhaps its implied in >>>>>>> the language "Š customize the content, services, and advertising in the >>>>>>> context of the first party experience." However, it is not clear enough, >>>>>>> IMHO. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> To address, I offer the following language to Section 4 (First Party >>>>>>> Compliance). The new language is below. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> First Parties must not use data collected while a First Party when >>>>>>> acting as a Third-Party when DNT = 1. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Nick if I need to open up another issue on this, please let me know. >>>>>>> Thanks! >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Alan >>>>>>> >>>>>>> >>>>>>> >>>>>>> From: Peter Swire <peter@peterswire.net> >>>>>>> Date: Monday, June 10, 2013 7:47 AM >>>>>>> To: "public-tracking@w3.org" <public-tracking@w3.org> >>>>>>> Subject: June Draft of the DNT compliance spec >>>>>>> Resent-From: <public-tracking@w3.org> >>>>>>> Resent-Date: Mon, 10 Jun 2013 11:47:58 +0000 >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> To the Working Group: >>>>>>> >>>>>>> >>>>>>> >>>>>>> Attached please find a June Draft of the compliance spec. The >>>>>>> spec is also available at: >>>>>>> >>>>>>> >>>>>>> >>>>>>> http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-ju >>>>>>> ne.html >>>>>>> >>>>>>> >>>>>>> >>>>>>> This draft builds directly on the Consensus Action Summary from the >>>>>>> Sunnyvale F2F. Working closely with W3C staff, and based on numerous >>>>>>> discussions with members of the WG, this June Draft is my best current >>>>>>> estimate of a document that can be the basis for a consensus document in >>>>>>> time for Last Call. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The June Draft includes a number of grammatical and stylistic >>>>>>> edits to various provisions of the previous working drafts. These sorts >>>>>>> of edits were done in hopes of adding clarity and good writing to the >>>>>>> provisions. In the spirit of humility, W3C staff and I recognize that >>>>>>> members of the WG may spot substantive objections to these stylistic >>>>>>> edits let us work within a constructive spirit of the working group >>>>>>> process to examine and, where appropriate, make changes to these edits. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The Draft also addresses the four task areas included in the >>>>>>> Consensus Action Summary. In proposing language in the June Draft, my >>>>>>> intent and belief was to make good substantive judgments about an >>>>>>> overall package that may achieve consensus, as well as item-by-item >>>>>>> judgments about what is substantively most defensible within the context >>>>>>> of the WG. Clearly, the group will need to work through each piece of >>>>>>> the text, members can suggest alternatives, and we will need to >>>>>>> determine where and whether consensus exists. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The June Draft contains normative text but not non-normative >>>>>>> text. In part, this reflects my view that we have the best chance to >>>>>>> work constructively on a relatively short amount of normative text. >>>>>>> Proposed non-normative text can be proposed for provisions in time for >>>>>>> Last Call. As a potentially useful alternative, W3C has various >>>>>>> mechanisms for publishing notes or other documents that illuminate a >>>>>>> standard. The best time for detailed discussion of most non-normative >>>>>>> text quite possibly will be after Last Call. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The June Draft discusses only items that the W3C WG can address. >>>>>>> Clearly, the actions of others on these issues may be relevant to the >>>>>>> overall outcome. For instance, the DAA has discussed changes to its >>>>>>> code, including on its market research and product development >>>>>>> exceptions. There has been discussion of a potentially useful limit on >>>>>>> any blocking of 3d party cookies for sites that comply withDNT. There >>>>>>> may also be new and useful technical measures that would be important to >>>>>>> the future of advertising in a privacy-protective manner. The text >>>>>>> here, as indicated, addresses what would be within the compliance spec >>>>>>> itself. >>>>>>> >>>>>>> >>>>>>> >>>>>>> W3C staff and I are working on further explanatory materials >>>>>>> that will seek to clarify the changes here, and link the June Draft to >>>>>>> the issues on the WG site. >>>>>>> >>>>>>> >>>>>>> >>>>>>> The regular call this Wednesday will be an opportunity for the >>>>>>> Group to have an initialdiscussion of the June Draft. To give everyone >>>>>>> a chance to review this material, we will not be seeking to close >>>>>>> compliance issues during this Wednesday¹s calls. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thank you, >>>>>>> >>>>>>> >>>>>>> >>>>>>> Peter >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Prof. Peter P. Swire >>>>>>> >>>>>>> >>>>>>> >>>>>>> C. William O'Neill Professor of Law >>>>>>> >>>>>>> >>>>>>> >>>>>>> Ohio State University >>>>>>> >>>>>>> >>>>>>> >>>>>>> 240.994.4142 >>>>>>> >>>>>>> >>>>>>> >>>>>>> www.peterswire.net <http://www.peterswire.net/> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Beginning August 2013: >>>>>>> >>>>>>> >>>>>>> >>>>>>> Nancy J. and Lawrence P. Huang Professor >>>>>>> >>>>>>> >>>>>>> >>>>>>> Law and Ethics Program >>>>>>> >>>>>>> >>>>>>> >>>>>>> Scheller College of Business >>>>>>> >>>>>>> >>>>>>> >>>>>>> Georgia Institute of Technology >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >>> >>> >> > >
Received on Thursday, 13 June 2013 20:58:24 UTC