W3C

- DRAFT -

Tracking Protection Working Group Teleconference

24 Apr 2017

See also: IRC log

Attendees

Present
Bert, fielding, schunter, dsinger, wseltzer, walter, adrianba, hadleybeeman, mkwst, wileys
Regrets
David, Singer
Chair
schunter
Scribe
aleecia

Contents


schunter asks: is shane back? answer seems to be no.

<rvaneijk> Screenshots sent to the mailing list: https://lists.w3.org/Archives/Public/public-tracking/2017Apr/0035.html

schunter: discuss content & tech resolution. next step is texts and (?)
... 30 minutes, quick discussion of what changes and why
... then we discuss accept the change or not
... can go through call for objects process again
... any ?
... hearing none, gets started.

rvaneijk: can be heard :-)
... using screenshots seen dlist
... makes it easier to distringuish resources and legal grounds
... looked at two groups of actors. first, Rubicon, real time with network partners
... central Rubicon in big yellow, surrounded by nodes in the ad exchange
... in disucssion, would they rely on consent or not? come back to.
... the nodes that are still yellow in the center, resources that through referer header are pulled in and lead to analytics data for the ad exchange network
... header relations between resource and where the js is called from, originally a referer header or a location hearder if the request was redirected
... any ? on the rep of the image?

(trying to find it still!)

rvaneijk, same graph but different group of actors

Rubicon is now in grey, the other nodes in green

rvanejik, API call with UID sent to sync unique id in background, which is the rubicon ad exchange in real time

scribe: the cookie synching allows trading of uid’s.
... core of the arguement is here, around legal grounds.
... calling for specific information in the tracking status resource to distinguist different type of actors
... have the controler array to identify itself
... same party array, all resources could be listed if there’s an agreement signed or resources owned by controller itself (if you host on amazon type of resource (?)
... calling for: try to differentiate. out of band consent is important, can call for persmission for all parties as out-of-bad-consent
... but the networks are not listed on the publisher’s network and cannot rely on the out-of-band-consent of the publisher
... propose distinugishing between parties that are needed to make the real time ad exchange work, and parties that are not
... what is the extent of control of the publisher, do they have an agreement. or these resources are themselves (different)
... would help transparency
... will help parties that cannot rely on out of band consent
... proposal: enhance status resource with new, “other party” (name tbd) to enable publisher to list all resources they can identify that they want to ask for consent from user

?: can you explain in a transaction, how to distinguish between site=wide and (?)

rvaneijk: publisher identifies all the resources, all the nodes. Mike’s example of LA Times, 335 resources

<schunter> 3 tiers of parties: same-party, new website-helpers, and everyone else.

Shane: 300 listed in Yahoo’s privacy center, can have contracts with that many parties. i think you’re trying to state a site-wide exception cannot exist, disagree. how does a UA distinguish between your case and site-wide?
... not listed as same party, since they’re 3rd party. does not require all 3rd parties be enumerated.
... would be those domains under publisher’s (?)

rob: in EU need to enumerate. makes it hard to automate.

shane: not a requirement by law. this is only one technical option and could Break The Entire Standard

rob: trying to improve over cookie wall

shane: consent is the same as a cookie wall. not all publishers can identify all actors

(cannot tpe as fast at they can argue)

shane: a publisher *can* know 3rd parties and this proposal breaks that

rob: transparency not control. additional object, why would it break the model

schunter: echo

<wileys> This list can be accomplilshed MANY ways

<wileys> Does not require DNT to support this outcome

schunter: rob is saying, he believes under EU law you have to list everyone who’s collecting data. Shane, saying no, stie-wide exception is enough. Rob is saying we can implement both options.
... everybody who’s not a first party is still getting data should be listed

Shane: saying, how does the browser manage this?
... if a publisher says, i have a site-wide exception, provides in the TSR and does not fill out Rob’s field, what does the UA do? is this an optional field, and if optional, how does a browser handle populated or not? Rob is attempting to push more requirements on the browser and trying to avoid that

schunter: anything the browser should do with this or just record it?

<wileys> But that is for the browser to decide - not Rob

rob: browser discussion leads to ad blocking. one hand, browser not block anything. other hand, block everything except what’s consented. middle ground between ad blocking options is a consent-based middle ground that DNT can address
... browsers handling this info is out of scope for us. providing this info allows browsers to not break (ad networks?)

<wileys> +q

rob: in order to let programatic ads survive rather than be blocked by default, this missing property allows browsers to

schunter: same party gets DNT:1 everyone else blocked, but with additional field those guys not blocked because friends of the publisher, so get special treatment

wileys: confounding two topics. ad blocking would not occur if all parties have consent or valid processing basis, but that’s not true.
... on the issue of allowing a transaction to occur, if a publisher states site-wide exception, they understand the expanse of that permission, browser should do nothing more than register when the exception occurred. can confirm after to make sure contracts and lists in place, but all browser does is send dnt:0 for the same-party domain
... this is how we developed the standard.

schunter: let’s keep ad blocking out now.
... browser can only send dnt:0 for everything listed in same party area and the like

wileys: and all parties under, all domains under xyz.com should get a dnt:0 if registered a site-wide exception. that’s how we built it to date.

schunter: i think rob doesn’t want to change that. if not sub-sites of yahoo, like the rubicon thing, the other nodes would not get a dnt:0

wileys: but my list could be on a web page.
... should be all domains under those registered under the first party domain

schunter: but then who they are is unknown

wileys: no requirement to list, is over-loading the TSR
... could manage in our privacy centers, the well-known location could hold this. attempting to make it machine readable.
... some are www.adnetwork.com or adnetwork2.com, we’d have to list *all* of those on Rob’s proposal. if a domain is not listed, the brwoser should send dnt:1 even though a site-wide exception have been issued for the parent domain
... ask the browser, or the publisher needs to ask the end user, trying to udnerstand the full scope of interactions in Rob’s structure, breaks many of the conventions we agreed upon

rob: site-wide exception only goes as far as the parties can be identified up front, or else it’s a wild card
... for unknown puposes
... legal consent for ePriv (won’t allow that)

<fielding> I thought our goal was to move the specificaton closer to actual implementations. It sounds to me like folks want to start over with a new API and a completely different consent mechanism based on imagined implementations. I won't argue that either is a better way forward, but I will argue that we can't do the latter on this schedule.

rob: if there are restrictions on site-wide limitations, if that could lead to compliance we wouldn’t need this discussion. but most publishers cannot identify all parties up front. and yes, browser needs to decide, can be conversation with user or automatically.
... ability to express consent through browser settings is long established
... dnt can do so much better than current cookie settings of 1st or 3rd party, doesn’t help publisher either

wileys: have ability to manage individual cookies.
... you didn’t rebuke anything i’ve stated.
... pushes the browser into a legal position to arbitrate valid consent or not

schunter: not so clear, Shane you believe site-wide consent is dnt:0 goes to everything on yahoo.com?

wileys: everything underneath gets dnt:0, on purpose, today
... requirement to list all 1st party, so yimg.net would be on our first party list. if user grants, yahoo takes on the legal responsibility that we request and record that exception, any 3rd parties we have relationships. Rob presumes websites are unable to do this so he’s adding a new option, but we’d break how the TPE works today for a presumed problem (that Shane disagrees exists)
... there are many other solutions v programatically - trying to make 3rd party lists machine readable to put browsers in the

schunter: don’t see how it breaks anything when it’s informational. don’t agrree with your argument

shane: but if people populate it, then you put the browser in that position

schunter: don’t think so. let’s do call for objections,

? : annoyed by how this is being chaired

<wileys> Please speak

scribe: ignoring the queue
... shane saying outragous things about EU law

<wileys> Go ahead Walter

Walter: a few things. Shane is right about TPE so far, but that is because TPE so far is (unclear?)
... site-wide exception makes perfect sense if server believes in permission before hand

<wileys> That was why the site-wide exception was built in the first place - 1st parties themselves are not subject to DNT!

Walter: not out-of-band consent but specific permission needs specific consent (eu law)
... fields that Rob proposes are a useful fit.

<wileys> Walter - you are incorrect - 1st parties are not subject to DNT - they do not need consent on their own

Walter: two cases, DNT for active consent, or a server with opt out on dnt:1 and why the server thinks it has an opt out

<wileys> We REALLY need a web browser vendor on the call

Walter: annoyed by the idea that browsers aren’t intermediaries, user chooses the browser. they provide infrastructure but not a part of the — ?

wileys: Walter wasn’t here at the start, DNT is for 3rd parties (aleecia notes: this is not true)

?: first party was always a compliance spec things

wileys: site-wide exceptions were created to cover 1st parties 3rd parties.
... we’ve forgotten the purpose of a site-wide exception
... the responsibility of the 1st party is to have necessary mechanisms in place before they register a site-wide exception

<schunter> I have to leave 5min earlier.

wileys: once we introduce this next level of enumeration, keep your 3rd party list up to date in your TSR, even though you might have another party keeping your list of 3rd parties. yahoo lists an ad exchange lists all of their clients
... to get consent, give a link to the ad exchange, not this new overhead of managed lists that i don’t own

? … when talking about consent for technical means, something specific, by extension you as a publisher want to prove after that there’s a trail

<schunter> Walter: Consent will be required to be specific (=well-defined list of sites).

scribe: can’t see how i can square specific consent with “using this ad exchange” for all the site-wide exceptions
... this is not actual consent

shane: now we disagree on specificity, limits on use, there are other ways to gain that consent. let the court’s decide. can’t presume the outcome and force the standard

schunter: we aren’t going to reach consensus in 5 minutes. call for objections as usual.
... don’t see doing another few calls since we are not converging

shane: gone for 3 weeks, on honeymoon, could get further with conversation but missed calls. i’m the only person on this call representing industry
... only folks on the call are consuemr advocates and regulators

(apple????)

(adobe???)

<fielding> TPE is concerned with tracking, not parties; a first-party that uses tracking data is still subject to the DNT request, though they might ignore or limit the scope of DNT if the service being requested is expected by the user to involve tracking data.

shane: ok, but they’re not ad side for other industry voices (in response to my mention of other cos)
... little nervous where it’s very lopsided, lacks balance, trying to reestablish balance. mean no disrespect
... would rather more discussion, rather than call for objections
... will get other voices to participate

walter: train here, must go
... suggests more on the dlist

<fielding> I am trying to stay editor-neutral, but I do represent Adobe here. I just don't have the background to know how Adobe's various products will implement DNT.

schunter: ok, one more week

rvaneijk: we announced the call on the list, members who are dormant can participate and know
... we have process of announcement, allows everyone to speak if they want to

schunter: see Shane’s point he wasn’t here. if no consenus by one more week, will do call for objections

Roy: prepare text first, then we can discuss the texts

(+1 on that from me)

schunter: good point
... tracking status resource, sites have other parties, optional. don’t want to specify what browsers do.

<wileys> Correct

schunter: Shane’s proposal not to change the spec with additional fields

<wileys> Walter has me nervous to speak up now

<wileys> :-)

schunter: two options, Rob, please send text for your proposal

<rvaneijk> ok

schunter: no change is easy to write up :-)

<walter> wileys: Heh, I wish I had that power. But no, it wasn't about you.

Shane — CONGRATULATIONS!

<walter> oh, yes, that too!

I hope you had a great honeymoon!

<schunter> Issue 35: Summary by Aleecia

<walter> To give users the ability to see what they agree to

<walter> One is to give the delta of what changes between dnt:0 and dnt:1

<schunter> Suggest a way to find a user-readable description of what users consent to.

<walter> The other is to explain both dnt:0 and dnt:1

<walter> The idea is to have some hook in the text

<wileys> DNT:0 = Privacy Policy — DNT:1 = Statement of what stops

<wileys> I’m fine with this proposal on “what changes” under DNT:1 as a human readable (not machine) element

<fielding> My understanding of the (Adobe) legal perspective is that we can only have one set of instructions that describes what we do in each case. Showing different text to different users is NOT an option.

<walter> I'm in favour of treating DNT:0 rather differently from DNT:1

<walter> they are too different

<walter> Matthias would like to push this out to the next release

<walter> aleecia thinks it makes more sense to deal with this now

<walter> Because we don't have a baseline

<walter> People need to know what they are agreeing to

<walter> This is the fallout of not having a compliance spec

<walter> Roy feels no difference between having a compliance spec or not

<walter> Aleecia wants to prevent a billion pop-ups

<walter> Consensus on a very low burden to do this

<walter> Matthias: so what you're suggesting is a best practice?

<walter> aleecia: not even related to multiple compliance specs, it is that the user should understand what changes

<fielding> I meant that we have a Compliance array to provide a reference to how the site will comply to DNT. And we have a policy member that points to the text-for-all-cases.

<wileys> Pop-ups are going to occur no matter what now - and will likely be more of a burden for users under ePR

<walter> will do so, then

<walter> bye!

<fielding> scribe: aleecia

<fielding> trackbot, status

<fielding> trackbot, end meeting

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2017/04/24 17:06:39 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.152  of Date: 2017/02/06 11:04:15  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00)

Succeeded: s/ teh / the /
Succeeded: s/stie/site/
Default Present: Bert, fielding, schunter, dsinger, wseltzer, walter, adrianba, hadleybeeman, mkwst, wileys

WARNING: Replacing previous Present list. (Old list: Bert, fielding, schunter, dsinger, wseltzer, walter, adrianba, hadleybeeman, mkwst, swiley, moneill, rvaneijk, aleecia, wileys)
Use 'Present+ ... ' if you meant to add people without replacing the list,
such as: <dbooth> Present+ Bert, fielding, schunter, dsinger, wseltzer, walter, adrianba, hadleybeeman, mkwst, wileys

Present: Bert fielding schunter dsinger wseltzer walter adrianba hadleybeeman mkwst wileys
Regrets: David Singer
Found Scribe: aleecia

WARNING: No "Topic:" lines found.

Found Date: 24 Apr 2017
Guessing minutes URL: http://www.w3.org/2017/04/24-dnt-minutes.html
People with action items: 

WARNING: Input appears to use implicit continuation lines.
You may need the "-implicitContinuations" option.


WARNING: No "Topic: ..." lines found!  
Resulting HTML may have an empty (invalid) <ol>...</ol>.

Explanation: "Topic: ..." lines are used to indicate the start of 
new discussion topics or agenda items, such as:
<dbooth> Topic: Review of Amy's report


[End of scribe.perl diagnostic output]