ISSUE-219: Limitations on use in a 3rd party context of data collected in a 1st party context

Context separation

Limitations on use in a 3rd party context of data collected in a 1st party context

State:
PENDING REVIEW
Product:
Compliance Current
Raised by:
Walter van Holst
Opened on:
2013-10-02
Description:
The current standard allows for a) 1st parties that sometimes also are 3rd parties to b) use data gathered in that 1st party quality when in a 3rd party quality. This runs counter to reasonable user expectations and against the very core issue: the tracking across different contexts. Therefore:

"the third party MUST NOT use data about previous network interactions in which it was a third party, outside of the permitted uses as defined within this recommendation and any explicitly-granted exceptions, provided in accordance with the requirements of this recommendation."

Should replaced with:

"the third party MUST NOT use data bout previous network interactions in which it was a party, outside of the meritted uses as defined within this recommendation and any explicitly-granted exceptions, provided in accordance with the requirements of this recommendation."
Related Actions Items:
No related actions
Related emails:
  1. Re: tracking-ISSUE-272: first- and third-party interactions [TCS Last Call] (from npdoty@w3.org on 2015-11-06)
  2. Batch closing of old issues (from jbrookman@cdt.org on 2015-03-24)
  3. RE: issue-219 and editors/working draft (was Re: [TCS] comments on 17 Feb 2015 editors draft) (from michael.oneill@baycloud.com on 2015-03-23)
  4. issue-219 and editors/working draft (was Re: [TCS] comments on 17 Feb 2015 editors draft) (from npdoty@w3.org on 2015-03-22)
  5. RE: [TCS] comments on 17 Feb 2015 editors draft (from michael.oneill@baycloud.com on 2015-03-21)
  6. Re: CFO rationale for ISSUEs 219 and 235 (from npdoty@w3.org on 2015-03-09)
  7. CFO rationale for ISSUEs 219 and 235 (from npdoty@w3.org on 2015-03-09)
  8. Deadline: Tonight (7/9): Call for Objections on use of first party data in third party context, data append (ISSUE 219 and ISSUE 170) (from jbrookman@cdt.org on 2014-07-09)
  9. Announcement of Calls for Objections on ISSUE-219 (from ninja@w3.org on 2014-06-25)
  10. Re: Agenda for June 25 TPWG call (from sstamm@mozilla.com on 2014-06-25)
  11. Re: ISSUE-219 (context separation) (from jbrookman@cdt.org on 2014-06-25)
  12. RE: ISSUE-219 (context separation) (from michael.oneill@baycloud.com on 2014-06-25)
  13. Re: ISSUE-219 (context separation) (from Brooks.Dobbs@kbmg.com on 2014-06-25)
  14. RE: ISSUE-219 (context separation) (from michael.oneill@baycloud.com on 2014-06-25)
  15. Re: ISSUE-219 (context separation) (from walter.van.holst@xs4all.nl on 2014-06-24)
  16. Re: ISSUE-219 (context separation) (from walter.van.holst@xs4all.nl on 2014-06-24)
  17. RE: ISSUE-219 (context separation) (from michael.oneill@baycloud.com on 2014-06-24)
  18. RE: ISSUE-219 (context separation) (from michael.oneill@baycloud.com on 2014-06-24)
  19. Re: ISSUE-219 (context separation) (from jbrookman@cdt.org on 2014-06-24)
  20. Re: ISSUE-219 (context separation) (from john@consumerwatchdog.org on 2014-06-24)
  21. Re: ISSUE-219 (context separation) (from Brooks.Dobbs@kbmg.com on 2014-06-24)
  22. Re: ISSUE-219 (context separation) (from john@consumerwatchdog.org on 2014-06-24)
  23. RE: ISSUE-219 (context separation) (from wileys@yahoo-inc.com on 2014-06-24)
  24. Re: ISSUE-219 (context separation) (from jbrookman@cdt.org on 2014-06-24)
  25. Re: ISSUE-219 (context separation) (from achapell@chapellassociates.com on 2014-06-24)
  26. Re: ISSUE-219 (context separation) (from john@consumerwatchdog.org on 2014-06-24)
  27. Re: ISSUE-219 (context separation) (from walter.van.holst@xs4all.nl on 2014-06-24)
  28. Re: ISSUE-219 (context separation) (from ninja@w3.org on 2014-06-24)
  29. Agenda for June 25 TPWG call (from ninja@w3.org on 2014-06-24)
  30. Re: ISSUE-219 (context separation) (from ninja@w3.org on 2014-06-20)
  31. Re: ISSUE-219 (context separation) (from jbrookman@cdt.org on 2014-06-19)
  32. Re: ISSUE-219 (context separation) (from john@consumerwatchdog.org on 2014-06-19)
  33. ISSUE-219 (context separation) (from jbrookman@cdt.org on 2014-06-19)
  34. Agenda for June 18 TPWG call (from ninja@w3.org on 2014-06-17)
  35. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from jbrookman@cdt.org on 2014-06-16)
  36. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from tien@eff.org on 2014-06-11)
  37. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from fielding@gbiv.com on 2014-06-11)
  38. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from fielding@gbiv.com on 2014-06-11)
  39. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from jbrookman@cdt.org on 2014-06-11)
  40. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from vigoel@adobe.com on 2014-06-11)
  41. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from jbrookman@cdt.org on 2014-06-11)
  42. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from vigoel@adobe.com on 2014-06-11)
  43. RE: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from michael.oneill@baycloud.com on 2014-06-11)
  44. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from jbrookman@cdt.org on 2014-06-11)
  45. Re: Agenda for June 11 TPWG call (from singer@apple.com on 2014-06-10)
  46. Agenda for June 11 TPWG call (from ninja@w3.org on 2014-06-09)
  47. RE: issue-170 (from michael.oneill@baycloud.com on 2014-06-06)
  48. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from fielding@gbiv.com on 2014-06-06)
  49. ISSUE-219 (Limitations on use in a 3rd party context of data collected in a 1st party context) (from jbrookman@cdt.org on 2014-06-05)
  50. Re: [ISSUE-206] Service Provider (and related ISSUE-219 question) (from jbrookman@cdt.org on 2014-06-05)
  51. RE: Issue-170 (from michael.oneill@baycloud.com on 2014-06-04)
  52. Re: Issue-170 (from rob@blaeu.com on 2014-06-04)
  53. Re: Issue-170 (from jack@networkadvertising.org on 2014-06-03)
  54. Re: Issue-170 (from rob@blaeu.com on 2014-06-03)
  55. Re: Issue-170 (from jack@networkadvertising.org on 2014-06-03)
  56. Re: Issue-170 (from john@consumerwatchdog.org on 2014-06-03)
  57. Re: Issue-170 (from ninja@w3.org on 2014-06-03)
  58. Agenda for June 4 TPWG call (from ninja@w3.org on 2014-06-02)
  59. Issue-170 (from michael.oneill@baycloud.com on 2014-05-30)
  60. Cancelled: May 28 TPWG call (from ninja@w3.org on 2014-05-27)
  61. Re: Agenda for May 21 TPWG call (from sstamm@mozilla.com on 2014-05-21)
  62. RE: Agenda for May 21 TPWG call (from wileys@yahoo-inc.com on 2014-05-21)
  63. ISSUE-170: Data Append and First Parties (from robsherman@fb.com on 2014-05-21)
  64. Re: Agenda for May 21 TPWG call (from singer@mac.com on 2014-05-20)
  65. Agenda for May 21 TPWG call (from ninja@w3.org on 2014-05-19)
  66. Re: tracking-ISSUE-219 (from fielding@gbiv.com on 2013-10-09)
  67. Re: tracking-ISSUE-219 (from npdoty@w3.org on 2013-10-09)
  68. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from wileys@yahoo-inc.com on 2013-10-08)
  69. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-08)
  70. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from wileys@yahoo-inc.com on 2013-10-07)
  71. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from wileys@yahoo-inc.com on 2013-10-07)
  72. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-04)
  73. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-04)
  74. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-04)
  75. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from walter.van.holst@xs4all.nl on 2013-10-04)
  76. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-04)
  77. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-04)
  78. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-04)
  79. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-04)
  80. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-04)
  81. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from walter.van.holst@xs4all.nl on 2013-10-04)
  82. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from walter.van.holst@xs4all.nl on 2013-10-04)
  83. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from mts-std@schunter.org on 2013-10-04)
  84. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from mts-std@schunter.org on 2013-10-04)
  85. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-03)
  86. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from john@consumerwatchdog.org on 2013-10-03)
  87. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-03)
  88. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from robsherman@fb.com on 2013-10-03)
  89. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from dwainberg@appnexus.com on 2013-10-03)
  90. RE: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from michael.oneill@baycloud.com on 2013-10-03)
  91. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from walter.van.holst@xs4all.nl on 2013-10-03)
  92. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from robsherman@fb.com on 2013-10-03)
  93. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from walter.van.holst@xs4all.nl on 2013-10-02)
  94. Re: tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from jbrookman@cdt.org on 2013-10-02)
  95. tracking-ISSUE-219 (Context separation): 3rd parties that are 1st parties must not use data across these contexts [Compliance Current] (from sysbot+tracker@w3.org on 2013-10-02)

Related notes:

Per CfO, I've implemented Option B (to prohibit use of data collected in another context) in this diff:
https://lists.w3.org/Archives/Public/public-tracking-commit/2015Feb/0003.html

Nick Doty, 18 Feb 2015, 05:03:49

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 219.html,v 1.1 2019/02/01 09:32:36 vivien Exp $