Tracking Protection Working Group Charter

The mission of the Tracking Protection Working Group is to improve user privacy and user control by defining mechanisms for expressing user preferences around Web tracking.

Join the Tracking Protection Working Group.

Start date 26 January 2017
End date 31 December 2017
Charter extension See Change History.
Chairs Carl Cargill, Adobe
Matthias Schunter, Intel
Team Contacts Bert Bos, (0.1 FTE)
Meeting Schedule Teleconferences: as needed
Face-to-face: face-to-face meetings may be scheduled by consent of the participants, usually no more than 1-2 per year.

Scope

The Working Group will produce a Recommendation-track specification for a simple machine-readable preference expression mechanism ("Do Not Track"). The goal is to allow users to selectively opt-in or opt-out of web tracking. This mechanism is documented in our Candidate Recommendation on “Tracking Preference Expression (TPE)” that defines mechanisms for user agents to express a general tracking preference, defines tracking status resources that allow web-sites to explain their tracking behavior to users, and provides a mechanism for users to manage site specific and broader exceptions.

The Working Group will continue Recommendation-track focus work on the TPE specification: an HTTP header to signal the preference and a site's response, and the use of an ECMAScript API or DOM property for the same purpose.

A main focus for the extended implementation phase (until Summer 2017) is to demonstrate the viability of TPE to address the requirements for managing cookie and tracking consent that satisfies the requirements of EU privacy legislation.

The working group does not plan to prescribe a specific approach/policy for web-sites to respect a user’s preference. We will continue to collect feedback and implementation experience of the Tracking Compliance and Scope (TCS) that is currently in Candidate Recommendation state. If we perceive a sufficient implementation support for TCS, we may later decide to advance it to Recommendation status.

The group will actively engage governmental, industry, academic and advocacy organizations to seek global consensus. The Working Group may investigate monitoring of implementation and conformance to Recommendations by both user agents and Web sites.

Out of Scope

The following features are out of scope, and will not be addressed by this Working group.

While guidelines that define the user experience or user interface may be useful (and within scope), the Working Group will not specify the exact presentation to the user.

The group does not plan to explore the extent to which compliance specifications have a common basis or provide a comparative assessment of example compliance options.

The Working Group will not design mechanisms for the expression of complex or general-purpose policy statements.

Success Criteria

  • Production of stable Recommendation-track specification for the Tracking Preference Expression (TPE). The TPE may require to be extended by the minimally required definitions of TCS to be self-contained.
  • The revised TPE will be aligned with the emerging EU privacy regulations and other proposed compliance documents.
  • Stretch Goal: Demonstrate how the TPE can help web-sites to achieve privacy compliance in the EU.
  • Stretch Goal: Endorsement of the proposed use of TPE to simplify compliance by some EU regulators.
  • Each specification should contain a section detailing any known security or privacy implications for implementers, Web authors, and end users.

Deliverables

More detailed milestones and updated publication schedules are available on the group publication status page.

Draft state indicates the state of the deliverable at the time of the charter approval. Expected completion indicates when the deliverable is projected to become a Recommendation, or otherwise reach a stable state.

Normative Specifications

The Working Group will deliver the following W3C normative specification:

Tracking Preference Expression (Do Not Track)

This specification defines the technical mechanisms for expressing a Do Not Track preference, for example as an HTTP header or a DOM property. It may include mechanisms for sites to signal whether and how they honor this preference.

Draft state: Candidate Recommendation

Expected completion: Q3 2017

The Working Group may deliver the following W3C normative specification:

Tracking Compliance and Scope (TCS)

This specification defines a set of practices for compliance with a user's Do Not Track (DNT) tracking preference to which a server may claim adherence.

Draft state: Candidate Recommendation

Other Deliverables

Other non-normative documents may be created such as:

  • Implementation reports for TPE that document how TPE can be used in practice. A particular focus is to demonstrate how using TPE could help companies to comply with EU privacy regulations;
  • Test suite and implementation report for the specifications or reports evaluating compliance;
  • Guides for implementation and compliance by user agents and Web sites.

Timeline

  • April 2017: CR update for TPE
  • August 2017: REC for TPE
  • August 2017: CR Update for TCS

Coordination

For all specifications, this Working Group will seek horizontal review for accessibility, internationalization, performance, privacy, and security with the relevant Working and Interest Groups, and with the TAG. Invitation for review must be issued during each major standards-track document transition, including FPWD and CR, and should be issued when major changes occur in a specification.

Additional technical coordination with the following Groups will be made, per the W3C Process Document:

W3C Groups

Accessible Platform Architectures Working Group
This Group ensures W3C specifications provide support for accessibility to people with disabilities.
Privacy Interest Group (PING)
Since the TPWG is explicitly addressing privacy, the group will work closely with the Privacy Interest Group.
Web Application Security Working Group
The TPWG may use recommendations of this group for protecting tracking status resources.

External Organizations

Article 29 Working Party
This Group was set up under the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
IETF Applications Area and Privacy Directorate
Review of HTTP header additions and privacy implications.

The task force working on defining tracking will actively seek collaboration with external groups including: government regulators in the US, EU and other jurisdictions, existing industry self-regulatory programs, consumer protection advocacy organizations and academics.

Participation

To be successful, this Working Group is expected to have 6 or more active participants for its duration, including representatives from the key implementors of this specification, and active Editors and Test Leads for each specification. The Chairs, specification Editors, and Test Leads are expected to contribute half of a day per week towards the Working Group. There is no minimum requirement for other Participants.

The group encourages questions, comments and issues on its public mailing lists and document repositories, as described in Communication.

The group also welcomes non-Members to contribute technical submissions for consideration upon their agreement to the terms of the W3C Patent Policy.

Communication

Technical discussions for this Working Group are conducted in public: the meeting minutes from teleconference and face-to-face meetings will be archived for public review, and technical discussions and issue tracking will be conducted in a manner that can be both read and written to by the general public. Working Drafts and Editor's Drafts of specifications will be developed on a public repository, and may permit direct public contribution requests. The meetings themselves are not open to public participation, however.

Information about the group (including details about deliverables, issues, actions, status, participants, and meetings) will be available from the Tracking Protection Working Group home page.

Most Tracking Protection Working Group teleconferences will focus on discussion of particular specifications, and will be conducted on an as-needed basis.

This group primarily conducts its technical work on the public mailing list public-tracking@w3.org (archive) and GitHub. The public is invited to review, discuss and contribute to this work.

The group may use a Member-confidential mailing list for administrative purposes and, at the discretion of the Chairs and members of the group, for member-only discussions in special cases when a participant requests such a discussion.

Decision Policy

This group will seek to make decisions through consensus and due process, per the W3C Process Document (section 3.3). When the Chair puts a question and observes dissent, after due consideration of different opinions, the Chair should record a decision (possibly after a formal vote) and any objections, and move on.

The group has adopted a detailed decision policy that determines consensus by carefully selecting the proposed alternative with the “least substantiated objections”.

All decisions made by the group should be considered resolved unless and until new information becomes available, or unless reopened at the discretion of the Chairs or the Director.

This charter is written in accordance with the W3C Process Document (Section 3.4, Votes), and includes no voting procedures beyond what the Process Document requires.

Patent Policy

This Working Group operates under the W3C Patent Policy (5 February 2004 Version). To promote the widest adoption of Web standards, W3C seeks to issue Recommendations that can be implemented, according to this policy, on a Royalty-Free basis. For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.

Licensing

This Working Group will use the W3C Document license for all its deliverables.

About this Charter

This charter has been created according to section 5.2 of the Process Document. In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.

Charter History

The following table lists details of all changes from the initial charter, per the W3C Process Document (section 5.2.3):

Charter Period Start Date End Date Changes
Initial Charter 2011-09-08 2012-07-31 N/A
Charter Extension 2014-04-30 none
Charter Extension 2015-12-31 none
Charter Extension 2016-12-31 none
New Charter 2017-01-26 2017-12-31

Refocused on TPE and EU compliance.