See also: IRC log
<trackbot> Date: 12 June 2013
<Chris_IAB> npdoty, good morning-- did you see my email just now?
<Chris_IAB> npdoty, got your reply just now-- thanks!
<Chris_IAB> npdoty, that's the one. slow server on my side -- thanks :)
<moneill2> zakim. [IPCaller] is me
<Chris_IAB> I just joined from a private number
<Chris_IAB> npdoty, I just joined from a private/blocked number
<eberkower> I'm over here, Zakim
<Chris_IAB> someone in Germany put us on hold?
<dwainberg> I didn't hear any of what Peter was saying.
<dwainberg> Just that he asked if I was on the call.
<npdoty> scribenick: Yianni
<schunter> http://www.w3.org/2011/tracking-protection/track/actions/overdue
matthias: posting in overdue
actions
... Rigo is first
... David
... Chris Pedigo
<aleecia> hi
matthias: Aleecia
... Shane
<npdoty> aleecia, did you have an update on your action?
matthias: Rob Sherman
... Thomas
... Richard Weaver
<aleecia> It sounded like dsinger took this one up, perhaps several times, already.
Peter: Richard needs another week on audience measurement
<aleecia> Looks like we can close it as duplicate
<fielding> I completed my two actions and moved them to pending review
Matthias: Susan Isreal
<npdoty> I think some of the action items on audience measurement have already been postponed again by a week
Peter: same project as Richard
Matthias: Justin action 401 he sent
<scribe> ...pending review
Justin: sent on a difference
action. Action 401 is difference
... reluctant to make changes to compliance spec, confused on
what he should be working on right now with June draft
Matthias: take a look at compliance related actions
<justin> Probably flux.
<Chris_IAB> I submitted action 407 today
Peter: correct to say compliance actions are in flux
Matthias: want a quick status
review of some of the issues
... pushback on issue 192 from Rob
<scribe> ...closed issue 192, but created issue 201 for Rob's concern
UNKNOWN_SPEAKER: we are down to
12 or so open issues
... quickly discuss incoming actions
<schunter> http://www.w3.org/2011/tracking-protection/track/issues/200
UNKNOWN_SPEAKER: one issue I
would like to look at is issue 200
... want to make sure that something is going on
<WileyS> +q
UNKNOWN_SPEAKER: Rigo and Shane
wanted to propose text
... Is Shane or Rigo on the call?
Peter: big W3C meeting in Japan
Shane: we have provided draft
text in conversation. we need to wrap together
... the remaining issue on caching is part of a group
conversation
... we're a server cannot speak to the server directly. Can I
turn that into draft text
Matthias: we converged on language, if we have user granted exception, website can cach and send to other servers, if you receive new information the cach has to be refreshed and passed on
Shane: only thing that is not
needed is sharing
... in exchange scenario, individual servers in situations
we're you cannot speak to user agent directly, you would rely
on last known state
... the next time you interact with user agent directly, you
would update that state
... more effort to manage state in those scenarios, but believe
you should offer those options
Matthias: behind some layers of other servers
Shane: way exchange servers work,
exchange has direct communcation with user agent and is
speaking with those participating in a bid server to server,
not speaking directly to user agent
... they may have been granted an exception, but since they
cannot speak to user agent directly, they cannot receive 0
<jmayer> +q
<efelten> If you're not speaking to the UA, how do you know which user it is?
Shane: on next interaction with user, they must update the status
Matthias: web wide exception, you know you have a user granted exception from say yesterday
Shane: all of this is done
through cookie id mapping, exception from user ABC, so I will
treat them as if I have an exception
... it is because of the disconnect, inability to talk to UA
that they need concept of caching
Nick: thanks for the explanation. Issue tracking question, 201 for tracking of caching or is it for the interaction between UGE and out of band
<jmayer> I think we should have a new ISSUE and move on. There are some engineering solutions here, but no reason to take up the call with them.
Nick: question of granting web wide exception and my interaction is passed on through an ad exchange, can you get to scenario where user cannot revoke an exception?
Shane: it would be a very narrow
use case, the only way server would never interact with UA if
they only did business through exchanges, one or two players in
the marketplace
... there are a lot of business motiviation to have direct
interaction with user
<npdoty> issue-200 for transitive exceptions and server-to-server communication; issue-201 for interaction between uge and oobc
Shane: the first time you win a
bid, you are able to serve content, at that time you are
touching user agent and can update
... cannot think of a scenario of never having a direct
interaction with user agent again
... do not think it is a realistic scenario
<npdoty> wileys, understand it might be rare for third parties get into a long-term scenario where they don't interact directly, it would just provide an incentive for getting an exception and not directly interacting with the user
Shane: I could see from a per
technical perspective, but cannot see from a business
perspective
... first you need to get the exception, start with getting
user granted exception, then cach, then move into a pure server
to server position
... could create non-normative language to say if that was your
intent, it would be inappropriate
<aleecia> jonathan?
<aleecia> we hear no one
<WileyS> Jonathan - we cannot hear you
Matthias: jonathan you were on Q for caching user granted exceptions
<WileyS> +q
Jonathan: understand use case, there are serious problems with stall dnt signals or misuse, and we can come up with something that works
<npdoty> part of the intent of web-wide exceptions has been the situation of getting an exception directly from the user (in a first-party scenario), and then applying it to a third party scenario
Shane: Nick create an action to
propose text, more than happy of adding prescriptive details,
or add text to use caching to hide from seeing dnt
signals
... we can provide true technical details in non-normative
text
Jonathan: first explore if there is a way to do this where we have no problems technically, straightforward engineering problem
<npdoty> can we have two actions then? Shane to propose as he sees it; and Jonathan on a possible cache-invalidation approach
Shane: Jonathan, why don't we split into two tracks, I do not how to predict a UGE when you do not know if that server is participating. I will move forward with draft text, understanding you will disagree
Matthias: took a while to understand precisely the scenario, then we may be able to find a technical solution
<npdoty> ACTION: wiley to provide text on caching exceptions in cases of server-to-server communication (detail on the use case, in particular) [recorded in http://www.w3.org/2013/06/12-dnt-minutes.html#action01]
<trackbot> Created ACTION-421 - Provide text on caching exceptions in cases of server-to-server communication (detail on the use case, in particular) [on Shane Wiley - due 2013-06-19].
Nick: can you give an action to Shane
Matthias: do scenario use case first, then come forward with the solution
<npdoty> jmayer, do you want an action item for a cache invalidation proposal? or just respond to Shane on mailing list?
Matthias: next item on my
list
... Justin issue 153 text
... Justin could you summarize the text
<schunter> http://www.w3.org/2011/tracking-protection/track/issues/153
<npdoty> http://lists.w3.org/Archives/Public/public-tracking/2013Jun/0061.html
Justin: basic idea, if you are in a position where you cannot determine in real time and you use the P signal
<npdoty> (this is not related to issue 153)
Justin: add a caveat, you cannot rejection signal because it is a user agent you do not like
<jmayer> +q
Justin: you have to reject a user agent in real time
Matthias: text sounds reasonable, suggest putting it in spec and giving a final review in the spec
<schunter> http://www.w3.org/2011/tracking-protection/track/issues/195
Matthias: actually issue 195
Jonathan: make sure that the
option of not having option flag preserved
... i am of the view that if you are not sure if you do not
have an exception, act as if you do not have an exception
<npdoty> "act as if you don't have an exception, and work to clarify that"
Jonathan: could iterate on the text, but some members of the group think it should not be in the document at all
Matthias: I think we can reach
consensus, the P signal does not relieve compliance at all.
Sending P does not do anything to tracking
... all it does is give more time to give answer, instead of
giving answer in one sec, you can now spend an hour
Jonathan: back to the point of
misunderstanding, a free 48 hour pass that has not been clearly
motivated with a use case
... I would like to have a real understanding of the use
case
... we can iterate on the text, but lets not assume this is
going into the document, clearly not consensus
<rvaneijk> the P flag is solving a problem for audience measurement, but frankly, the audience measurement parties should innovate IMHO.
Matthias: lets continue discussion on the list
<schunter> http://lists.w3.org/Archives/Public/public-tracking/2013Jun/0065.html
Matthias: the last piece of discussion I have is issue 153
<npdoty> jmayer, I think we've gathered some text on the use case from Ronan; if there is a lot of pushback on that, we should develop alternative text, or, if the alternative text is just silence, we might need to go through the call for objections process
Matthias: basically, proposed
text with link
... want feedback on text
<npdoty> Alan's latest: http://lists.w3.org/Archives/Public/public-tracking/2013Jun/0065.html
<Chris_IAB> I support Alan's text
<jmayer> +q
Nick: thanks Alan for providing
this, I prefer the text earlier in this version
... must be some confusion with comply with rest of this
document, determining user preference section is the key thing
we want them to comply with. is it reasonable to focus on that
then the rest of the TPE
Alan: I altered language from comments from Matthias, my perspective is that you have to otherwise comply with document anyway, not sure it is neccesary
<npdoty> +1 that compliance requires complying :)
Matthias: my mind, point was that
if somehow mess with a user agent, it is your responsible that
your extention satisfies the spec.
... need to make sure pieces in browser do not break
... one example, the browser has a user granted exception api,
and plug in does not have it
<moneill2> +q
Matthias: basically, not all plug in have to do exception API if they reliably pass information on and browser can implement as specified
Alan: question for Nick as early drafter of some of this language, we made reference to another document. I thought we were talking about technical spec and not corresponding section in compliance document
<peterswire> +q
Nick: can respond directly, we
wrote this text when there was not a seperate user agent
compliance section in compliance spec
... my point was about, if you are modifying the preference you
should satisfy the preference section
<jmayer> +q
Alan: I do not have super strong feeling, how does requiring complaince with document generally creating an issue?
<Chris_IAB> German lady is back
Nick: poiting out an ambiguity, even if you are not a server, you have to implement a server
Alan: Matthias do you have any response
Matthias: does it make sense for Nick to reword
<npdoty> I'm certainly willing to try, though I do think it'll be as Alan has described
Alan: tailor to particular part of the document we are talking about. I can certainly do that
<aleecia> :)
Nick: sounds great to have Alan do
<aleecia> x-ref is good
<npdoty> it's certainly reasonable to reference the Compliance spec, yes!
<jmayer> So, to clarify... we're reserving a decision on whether non-browser UAs have to support the exception API etc.
Peter: I think it is relevant, I think there is some W3C work to make sure we are doing the right things to intercept the complaince and tpe specs
<Chris_IAB> schunter, you have a q on this issue
Peter: i think W3C needs to get clear on what is going where
<schunter> I just realised ;-)
Alan: just making the call for consistency, so fine by me
Jonathan: I think I wound up in the same place as Alan, we will figure out exactly what requirements are imposed on non-browser UAs
Alan: discussion was tailored to should we be referecning particular section in complaince document, and should we be refering section 3 or the complace TPE
Matthias: not about non-browser
UAs, it is about intermediaries between browser UA and
user
... non-browser UAs are not part of the discussion
Jonathan: plug in would be a non-browser UA
<peterswire> From June Draft: The specification applies to compliance with requests through user agents that (1) can
<peterswire> access the general browsable Web; (2) have a user interface that satisfies the
<peterswire> requirements in Determining User Preference in the [TRACKING-DNT] specification; (3)
<peterswire> and can implement all of the [TRACKING-DNT] specification, including the mechanisms
<peterswire> for communicating a tracking status, and the user-granted exception mechanism.
Matthias: Mike is next
<aleecia> wheee
<Chris_IAB> Mike, which requirement is that?
Mike: the user agents must have default of unset, I do not think we should have must because of circumstances in Europe
<npdoty> in general, we have always accepted that legal requirements could trump our decisions
<Chris_IAB> lost Alan
Alan: my feeling on this is that we have been clear for a while that defaul needs to be unset. but one could see a scenario where certain jurisdictions - lost Alan
<johnsimpson> we keep losing Alan
<johnsimpson> ok now
Alan: (lost for about 30 seconds)
may determine that unset means something different than unset
in the US
... it is possible for the EU to interprete unset differently
than other jurisdictions
<npdoty> moneill2, to Alan's point, is it more likely that the EU would make requirements about the interpretation of unset, rather than requiring the sending of DNT:1?
<rvaneijk> I am fine with 'unset'
<Chris_IAB> this is why we need a jurisdictional approach to compliance
Matthias: we agreed to this basic language, could only send preference with express preference from user
<npdoty> is Alan's text meant to add to or replace the existing text that says "must have a default tracking preference of unset"?
Mike: Is this new text, must be set unset is difficult
<npdoty> "A user agent MUST have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the decision to use that agent."
<efelten> Where is this new text supposed to go?
<npdoty> moneill2, the above sentence is quite old
<jmayer> +q
Matthias: otherwise the
requirements for a plug in would be different than a user
agent
... we will engineer the text a bit more on the list
... Alan to scope down to specific sections
<jmayer> -q
Matthias: I would like to hand
this over to Peter
... someone to scribe for second half?
<npdoty> Marc_, can you scribe?
<npdoty> efelten, can you scribe?
<fielding> I will
<npdoty> scribenick: fielding
<efelten> Sorry, I'm walking around. Can't scribe.
<jmayer> I'm not sure why the requirements on extensions should be the same as the requirements for a browser. We should discuss on the list.
peter: talk about June draft, but first a couple things about databases
… in last week, incredible media coverage about building databases (NSA)
<npdoty> ... concern from a former federal prosecutor that interest in ad-related databases may grow
<Chris_IAB> peterswire, with all respect, I question if your offering this analysis is appropriate?
… this whole area could be the subject of intense government interest in the days forward
<npdoty> ... as in the location example, law enforcement, a couple of individuals learn about the use of a technology, and then spread through training / education in that community
peter: how we got to the June draft
<npdoty> ... currently a national and international conversation, society-wide discussion
<jmayer> +q
peter: we are on a tight deadline, there are a lot of interdependencies between the two drafts. In order to make progress, I have been working with W3C staff to come up with a new summary draft that is a clean text close to discussion at F2F
<npdoty> june draft link: http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance-june.html
… effort in the June text is to have a shorter, cleaner, easier to read overall document that selects the options that have more overall support from the group
<npdoty> peter's email: http://lists.w3.org/Archives/Public/public-tracking/2013Jun/0031.html
… erred a little bit on getting this out to you as quickly as possible
<jmayer> Would add that DNI Clapper's strange definition of "collection" has received substantial public criticism. And yet, it's precisely the notion of "collection" that some participants have frequently advanced in this group.
… the goal is to have an overall package for review to see if this is within the ballpark of what the WG can live with
… it hasn't been clear what the group's understanding on timing of compliance … when the group expects that compliance will take effect
aleecia: there was a discussion of a testing flag … when companies assert compliance they will send something other than the test flag
… dsinger raised the issue that we might need something along the lines of versioning to indicate which version of DNT they are testing/complying to
<jmayer> +q
peter: has there been any sense that there is an expected timeline for companies to comply?
aleecia: no, companies have a choice to comply and can adopt the compliance in a timeline accordingly
<jmayer> Once again cut off by group leadership. Joy.
<aleecia> (if there's anyone who disagrees with the model that companies assert compliance when they are ready, I'd be curious to hear why; I think this one is pretty straight-forward)
<WileyS> Aleecia, agree with you.
<WileyS> Thomas, Rob V. and I have more detailed draft text on de-identification - will post soon.
peter: third topic is deidentification and three-state process red/yellow/green
… that process surfaced more issues about transition between states
<WileyS> Would suggest we use DAA de-identification language as the base - not FTC
… in light of those discussions, june draft returns to language close to the FTC language where you are one side of de-id line or the other
<WileyS> +1 to Rob - not sure why this wasn't reflected either
<rvaneijk> Definition choice is very cirical, suggestion to follow daa de-identification language must be dicsussed on the list first.
… also under part 3, there were retention limits on data … after consulting with tlr, june draft did not include those
<WileyS> Rob - agreed - we should put both up for discussion (FTC and DAA) - they're close so a hybrid should be possible.
<justin> rvaneijk, wileys, It's just the chair's proposal. There are lots of other proposals that aren't included. It's an effort to pick from among all the various options in the current editors' draft (and others).
<Chris_IAB> +1 to rvaneijk comment above
… language of UIDs was added to june draft as well
<Chris_IAB> peterswire, where is this coming from?
<Chris_IAB> peterswire, are you saying that you feel the June draft is not sufficient? I'm confused-- need clarification
… june draft contains data minimization language from the draft framework with new language on not relying on UIDs if alternatives are available
<jmayer> +q
<WileyS> Peter - this appears to miss everyones conversation in Sunnyvale (unique IDs)
<Chris_IAB> did we reference the FTC de-id language in the June draft?
<WileyS> Chris, Peter did - not "we"
… there are certain places where folks on the consumer privacy side have not got what they asked for, and places where industry has not got what they asked for
<jmayer> -q
… for example, Vinay asked on the list about "only" in the service provider text, we welcome more such input on the mailing list
… there may be other areas where the drafting group did not find text that matched where the WG views seemed to have some form of consensus, so looking for more text along those lines
… next Wed will be a much more organized review, issue by issue
<jmayer> +q
Peter: that's a mouthful, now ready to open q
<aleecia> jonathan, partly breaking up; hard to hear
<npdoty> jmayer, I can't hear you
jmayer: I am uncomfortable with the process of work here. This is the third unilateral document that has been brought to the WG [broken up]
<aleecia> losing you again
<Brooks> still can't hear
<Brooks> now audible
<justin> I am uncomfortable with the complaining about discomfort. The group has tried and failed for 2+ years to generate consensus. This was a good faith effort to identify a potential path toward consensus. I appreciate the chairs and W3C staff iterating to try to drive this forward.
… the first was a discussion framework, then an end of meeting summary, and those docs were pitched as having no decision impact
<Chris_IAB> can't hear
<npdoty> I think jmayer's three documents are: draft framework, post-meeting consensus action summary, June draft
<aleecia> silence
<WileyS> Hard to follow - is the conversation broken up for everyone else?
<johnsimpson> can't hear
<Joanne> yes Shane. can't hear him
… subsequently, both documents have been used as a description of the WG's work rather than proposals
<npdoty> ... not a political body, but a technical body, should work in a more transparent way, get back to that
… I am not willing to work this way. This is not a political process where behind the scenes negotiation determines what is in the document. This is supposed to be a public process where input is in the working group forums.
<aleecia> +1
johnsimpson: [scribe missed]
<npdoty> johnsimpson: concern about lack of non-normative text
<npdoty> ... need text to explain what the normative text means, and as in the de-identified discussion, lack of non-normative agreement can sometimes paper over gaps / lack of agreement
<johnsimpson> I expressed my concern about the lack of non-normative text. You need use cases and explanation of what text means...
<aleecia> uh.
peter: I understand that folks have concern, but this is an attempt by the chair and the W3C staff to find a path of convergence
<jmayer> Justin, if we don't have consensus, so be it. But that's no excuse for short-cutting the transparent processes.
<rvaneijk> sudden end of the meeting...
<WileyS> Guess the call is now over. :-)
<jmayer> That was abrupt.
<aleecia> wow, ok
<rvaneijk> strange process..
<Chapell> wait - what happened?
<Chris_IAB> Wiley, lol
<justin> jmayer, I don't see how putting forward a proposal isn't a transparent process.
<aleecia> do we have a process forward?
<npdoty> ... continue on mailing list and on call next wednesday
<rvaneijk> no,
<WileyS> Have a great day everyone. L8R
<peterswire> there were no more comments on the list, and that's why we ended
<aleecia> is there a time in which comments are due, and if so at what level?
<johnsimpson> there was nobody in sparkers queue so call was ended
john, can you place your comment in IRC?
<Chris_IAB> justin, I think jmayer's concern is that it's the only proposal getting to move forward...
<Chapell> I was under the impression that we might open up to more specific questions about the proposal(?)
<johnsimpson> roy it's there. Nick put it in too
<Chris_IAB> Chapell, you would be wrong
thanks
<Chapell> perhaps that's for next week?
<jmayer> Exactly, Chris. We agree!
<johnsimpson> thanks for scribing Roy
This is scribe.perl Revision: 1.138 of Date: 2013-04-25 13:59:11 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/their/they're/ Succeeded: s/uncomfrotable/uncomfortable/ Found ScribeNick: Yianni Found ScribeNick: fielding Inferring Scribes: Yianni, fielding Scribes: Yianni, fielding ScribeNicks: Yianni, fielding WARNING: No "Present: ... " found! Possibly Present: Alan Ari BillScannell Brooks Chapell ChrisPedigoOPA Chris_IAB David_MacMillan JC Joanne Jonathan Justin Marc_ Mike Nick Peter Polonetsky Richard_comScore Shane WaltMichel WileyS Yianni adrianba aerber aleecia cOlsen dnt dwainberg eberkower efelten fielding hefferjr hwest jackhobaugh jmayer johnsimpson joined kj kj_ kulick left matthias mecallahan moneill2 npdoty paulohm peter-4As peterswire phildpearce rvaneijk schunter scribenick trackbot vinay vincent You can indicate people for the Present list like this: <dbooth> Present: dbooth jonathan mary <dbooth> Present+ amy Regrets: rigo wseltzer tlr dsinger Found Date: 12 Jun 2013 Guessing minutes URL: http://www.w3.org/2013/06/12-dnt-minutes.html People with action items: wiley[End of scribe.perl diagnostic output]