W3C

– DRAFT –
Improving Web Advertising BG

20 April 2021

Attendees

Present
apireno_groupm, AramZS, arnaud_blanchard, arnoldrw, Ben_Humphry, bLeparmentier, bmay, Brendan_IAB_eyeo, dinesh, ErikAnderson, FredBastello, GarrettJohnson, gendler, hober, imeyers, joshua_koran, jrosewell, Karen, kleber, Mike_Pisula, mjv, mserrate, nics, nlesko, pl_mrcy, seanbedford, wbaker, wseltzer
Regrets
-
Chair
Wendy Seltzer
Scribe
Karen, Karen Myers

Meeting minutes

<gendler> present+

Wendy: I see James here; if you or colleagues want to screen share, hope you're all set

James: We're ready when you are

Wendy: We'll wait a minute more for people to join

Wendy: Today's agenda we have agenda curation and introductions
… a presentation on SWAN.community
… Also call attention to an issue raised by Aram on the list
… use cases around direct sales, alternative bid structures...etc.
… call your attention to the dashboard and any other business
… any introductions from new participants who are joining call for first time and who would like to introduce themselves?

Nate: Software engineer from Facebook

Boaz Super: I work for Epsilon

Agenda-curation, introductions

Wendy: any other agenda curation or other business to draw to our attention?

ArnaudB: Just sent an email a few seconds ago
… before we go onto the discussion points
… It would be helpful to touch up on the delays on the FLEDGE origin trial
… would be nice to have some first-hand updates

Wendy: Thanks, Arnaud; that sounds like any other business
… I suggest we go through agenda and the scheduled presentation and then give people time to read your email to offer a response

SWAN.community, https://swan.community/

ArnaudB: just one sentence; ok

Wendy: Make sure we get time James has asked for to talk about the SWAN.community proposal
… I see lots of communications going on in Github repository

<wseltzer> https://github.com/SWAN-community

Wendy: And you have some material to share; James, the floor is yours

Slides: SWAN W3C Presentation

James: What we're going to do
… in next half hour is talk through the thought process, talk about SWAN to store balance to the web
… conceptual thought behind SWAN; not just engineering
… ultimately we are trying to store trust in the web
… and improve advertising overall
… that picture on the right is the trustworthy icon
… SWAN is a group of people who care passionately about the web
… come from multiple disciplines
… engineers, lawyers, etc. [people on slide]
… we looked at history and utility layer of web
… where cookie sits today; for identifiers and preferences
… doesn't contain features around access control and transparency
… SWAN seeks to introduce a different utility to the web
… like domain names; a utility
… SWAN seeks to address issues around access, transparency with cookies
… it involves many disciplines
… We agree we want to improve people's privacy
… build trust
… but today solutions seem to be paternalistic 'browser knows best'
… or on centralized control, not utility
… confusion, frustration and stress prevails as time marches on
… We seek solutions
… stop playing "Jenga" game
… turn into something boring that sits in the background and allows us to move
… We thought about centralization and many issues there
… where we put things in web browser
… where there is a single admin, domain or register
… how does my organization become 'the one'
… or there could be abuse, tax effects
… we have a standoff that is pervading the industry
… including laws and economics and the arts
… Centralized solutions often combine governance functions
… where others separate the two
… governance might vary by geography
… everything I'm talking about is not a new problem
… may be some time to experience travel, but when we book a flight
… we don't know who built the plane, who the air traffic controllers are
… but there is only one sky, one airport
… common resources
… we don't require them to have an aviation map knowledge complexity
… we have this common resource of the sky
… a fantastic technology
… when you compare digital advertising to commercial aviation market
… digital ad spend will be greater in 2021 than aviation spend
… Looking back in history, pictures of SE England
… common lands used in centuries gone by
… to farm animals
… and on right, there are fences
… and the tragedy of the commons is loss of these resources
… Common pool resource (CPR) have eight principles, according to Ostrom
… that we have considered in building SWAN
… SWAN Key Features [slide]
… separate operation from admin; common rules for operators
… conceptual background
… now going through the implementation
… if you want to look at JS you can look at it
… I'm using Edge [browser] in private browsing mode

<wseltzer> [visiting new-pork-limes.uk]

James: accessing SWAN before going to the CMP
… two pieces of info
… one is the secure web ID, just like identifier in connected TVs
… cannot delete it
… in a private browsing session, stored in a cookie
… we also have the personalized marketing checkbox
… I click update and information is stored in SWAN again and we return to publisher
… we create an identifier
… we go across to publisher
… for most publishers, looking user experience
… providing that global platform, people get to content sooner
… don't see splash screen coming up for every publisher
… but publisher decides if SWAN data meets their requirements
… We've seen that through binary nav of browser
… go to popup site
… see dialogue in popup window
… same info and identifier there
… or go to this publisher Biscuit News
… third party cookies being used in this browser
… so not seeing change in primary navigation
… we have these features...identifiers, personalized information
… as I hover over, this is the secure identifier; we can see domain that created it and the date created
… this is also signed in the background
… and it definitely came from this org
… CMP is cryptographically embedded
… going back to user interface
… we did not require any directly personal information
… where solutions like unified ID come in
… I enter email address and some icons come up
… I select four icons and click update
… that info is used by the SWAN solution to create the secure identifier
… update preferences
… choose a different set of icons
… and that identifier is going to change
… if I go back and change it again, we'll go back to original value
… we can capture an email address and respect the right to be forgotten
… email is generated, contains a link
… so we have an element of cross-device to support through signed in identifier
… I talked about transparency
… see a list of suppliers in the advert
… see four orgs involved
… publisher at bottom of list
… and we can verify that each publisher did sign the transaction and each sig is still valid
… could open email to exercise rights if I felt I'd been harmed
… or if that org had not respected personalization rule
… we can also click on advert and see more technical info
… see that winning supply chain
… and see full list
… each is 77 bytes to store all the info
… with a supply chain of 1,000, we would have 77K
… we're looking at what info needs to be given to the browser
… and what needs to be given for inspection
… Key to all of this is the route part
… and that tree effectively we could represent programmatic advertising through
… ID, domain that created the request, signature to verify that it came from domain, and the secure web identifier
… the domain creating it, the CMP if we were to rely on it
… you cannot get preference for on/off
… we can see hash of email with icons and who created and when
… and can see other info about the placement of the ad, all coming from the offer ID
… finally, coming back to icon
… they want to know that information
… people being annoyed could express the view; and click stop this ad and it's written back to SWAN
… code and development...
… takes us back to stop that advert from coming back again
… That is the demo, the key bits
… we have four webinars on engineering, privacy, governance
… to know more, come to the webinar; everything is open source
… raise issues; all the usual options are open to you
… What we have seen there
… and we are grateful to Matthew Parris for providing this quote
… [quote on slide]
… connected to the zeitgeist
… there is a hole left in the utility layer of the web by removing cookie
… SWAN is bringing that piece back in with privacy by design, using those identifiers
… it works not only with engineering
… what SWAN seeks to do with SWAN data is to introduce a model contract
… like with open source you have a 'take it or leave it' contract
… whether Mozilla or Apache
… team that works on this
… asked if they could apply same situation to data
… define what data means and how it can be used; end up with a problem
… we need a model contract for anyone who wants to use the data
… you have to accept the model terms to get the data
… Model terms is another presentation...running during the privacy presentation later this week
… If a party doesn't comply with model terms, then they are in breach
… they have 72 hours to rectify it
… tell other parties and address the problem
… with the 72 hour time period
… we're using contract law to create a binding set of terms
… SWAN operators have operator terms
… much like the airports
… cannot all take off within ten minutes of each other
… SWAN network would be a legal entity
… we have not decided on jurisdiction yet
… would mandate societal and community benefits over corporate objectives
… we want to respect those 8 principles from Elinor @
… purpose of providing user interface
… retrieval where raw info is addressed
… or personal marketing
… purely readable
… separate out
… SWAN doesn't have its own user interface for use of data in advertising
… APIs...
… you would be getting the hash effect, the email
… and we've got the signature associated with that data
… to make it identifiable to the user and the whole ecosystem
… JSON...
… save on bytes
… try to keep as data friendly as possible
… some key considerations [slide]
… we have developed this in constant contact with government regulators, including UK and US
… following direction of travel and thought
… complies with GDPR and ePrivacy principles and the law
… enhances W3C security models
… balance the web so that smaller players can band together to compete with larger players
… there is a route to browser adoption and a new standard
… designed with standards in mind
… nothing exotic or new going on
… when it comes to other solutions
… there is a section on web site how we compare
… how we complement other solutions
… for example a publisher
… SWAN can sit on top of that; doesn't take away
… it's an optional AND not an OR
… for stakeholders, we want to build consent, trust
… publishers get full addressability
… user interfaces you can explain the value in words and ways you wish to present your brand
… advertisers get what they pay for
… we eliminate publisher fraud
… web browsers get a simple solution to address primary problems around trust and privacy
… Today this is new
… no browser has embedded it yet
… SWAN designed so it could be a web standard
… another implementation could be within the web browser itself to give people the control they need
… if all browsers use, no need for the governance; except there is still the law and contract to provide access
… Timelines
… we are in consultation stage
… we have teams working on pre-bid
… expect something in May
… Publisher... [missed]
… web dev can pick up quickly
… next stage is to create the governance organization
… have an early adopter stage
… no new legal issues; low-risk time frame
… key thing is model terms
… model can support lots of things as well
… contractual terms can be quite agnostic in terms of data
… reflecting on this
… be in one of these four categories
… one, want to support it and experiment with different things
… whole model is on continuous, iterative demos
… of course, do nothing, stay neutral
… or if you don't like it, express your opinions
… we'll be going to queue shortly
… thank you

Wendy: Thank you, James
… if there are slides to link to in the minutes, that would be great to augment
… we have a queue building

Aram: I'm going to put aside some obvious issues
… I did a test; doesn't work on Safari or Firefox
… and put aside the popups
… user experience concerns
… core implementation
… Idea here is that publisher site would pop up some user experience window
… that would cause user to go to a distribution node
… and send that to a redirection
… and a number of unknown sites
… let's say no bounding, let's say 100 different sites
… each site attaches to third party cookie

[too fast]
… then decoded when returned to publisher site
… and first party context...uses that info to target ads
… I did not see what happens if any of those sites malfunctions
… what happens if redirect fails; or if site is slow
… what happens if any of sites go back on model terms and it's unknown to operators in the system
… the core proposal, user enters site, gets an ID
… is redirected to lots of sites
… is redirected
… and goes to publisher sites, but then is returned a cookie
… Just want to make sure that is correct and that is the proposal

James: No
… tried to make a note of the different points
… what you have is SWAN operators
… which are the orgs that run the domains that form the SWAN network
… it's those domains you see in the splash screen as data is shown
… thanks for reading
… we're suggesting about 100 domains
… in demo, 10 were used
… home node notion
… for each browser, there would be a node in the network, calculated from the IP of the browser
… when a write operation occurs, ten nodes are chosen
… when a read operation occurs, the home node is checked first
… if it sees data, that is used first
… only one node consulted in the demo
… because it confirmed current version of the data
… could be up to 100
… that is open to discussion for quality of service
… the network requires specific quality of service
… we have come a long way
… as part of being a SWAN network operator, quality of service is one of requirements
… for uptime, IT services
… all concrete implementations
… not embedded in browser; would be single @ in Edge environment
… that executable would be submitted for inspection
… Situation you observed with browser, we are in proof of concept stage
… we have Safari and Firefox devices that it is working with
… have to go back through and look at that
… Browser can use for a period of time; check with SWAN periodically
… For single hub, get what's captured in a compliant way
… getting it quickly without need to get the boxes
… the point Matthew Parris is making
… we think there is a lot of benefit there
… the contractual terms underpin everything
… user has to select the check box to enable the personalized marketing...with the secure identifier

Wendy: Aram, is that your question?

Aram: Just to dive into what you said
… I'm unclear whether that would break; random web sites break
… when user transitions from top level domains
… each would see that they have been to another domain
… and info is updated

James: every piece of info is time stamped to nearest 10-second time stamp across the web
… we think that's possible in the trials with JPC, @@
… so time signal is important
… most of time you will see single request
… not sure I fully understood the question

Aram: let's move on to others

<Zakim> kleber, you wanted to ask about browser policies against tracking

Michael_Kleber: one question I want to hear answer to
… you mentioned contractual terms associated with data
… seems like breach would be unobservable
… if you misuse data as a server
… and building large personal profiles that are contrary to some terms; how would anyone know this is happening?
… how would anyone know that and take action?

James: if that is happening, a harm will be being done to someone
… once that harm is detected, the audit process will bring that to light
… like any contract
… this is contract law and parties need to respect
… need to make clear parties receiving the data
… let's say parties build data into web browser and make data available for data analysis

<nlesko> A few q's since queue is long 1) Is "personalize marketing" applicable to all personalized experiences on a site or specific to advertising? Is it personalized marketing *on that site* or on all subsequent sites browsed? 2) As a user, do I have the option to opt in to personalization on the site I'm on without having to blanket / global opt-in? 3) Is the email capture specific to that publisher or is a user giving their email to all sites within[CUT]

James: all entities we would know cryptographically
… we know who the actors are; the supply chain is no longer opaque

<nlesko> 4) What information is accessible to the marketer or does the publisher control this through what they surface in the bid request?

James: if someone is doing something nefarious, that would result in a harm
… if they are not respecting the personalized marketing signal, for example
… the browser, other parties in ecosystem
… would be interested in this analysis and could detect where harm occurs
… using ML
… SWAN only works if you believe a contract can be entered into and enforced
… why we place equal emphasis on law and engineering
… so there is negative impact for nefarious actors
… we cannot eliminate crimes, there will be bad actors

Michael_Kleber: from browser POV
… is this proposal deliberately designed to circumvent
… technologically for the anti-tracking policies
… that many browsers have stated and that many are acting on
… the way info is passed around built into path of URLs, not URL parameters
… a targeted decision to circumvent Safari protections
… string of redirects using 200 instead of 300
… avoid detection by Apple's bad-actor detection things
… is this designed to circumvent what browsers are doing?

James: no, it's a user-focused solution

<joshua_koran> Is there an assumption that ALL supply chain vendors are bad actors?

James: used quote from Matthew Parris

<kleber> s/100 instead of 200/200s instead of 300s/

James: look at regulators...putting people at heart of solution
… respect laws with focus on GDPR
… that is what it's trying to do
… and make it as easy as poss for user
… with encryption, used that no one other than intended party can decrypt
… and make as seamless as possible
… don't really want to have
… some of you in Privacy CG
… where companies advise users to change settings
… we want to minimize that
… to erase adverts...person can stop that feature...
… give people choice and control
… we hope browser vendors will embrace it
… the physical is best we can do now
… would be better to have data storage subject to contract and audit

Wendy: Time is short, I have closed the queue

David: one thing I am curious about
… you may not have fully unpacked, something like TCF

<robin> I don't feel like kleber's question was answered?

David: work beginning to encompass a new policy domain like Canada
… a signaling scheme
… how will SWAN accommodate
… leaving aside the detail inside, how will it work with jurisdictions?
… user goes to a CA site
… you're cool with cookies, that's good enough
… then go to another jurisdiction
… say there was a uniform in EU
… different publishers
… may permit legit...
… how would publisher needs get accommodated

James: I would plug the privacy drop-in session
… go to SWAN.community/SWANEvents
… short answer is of course there will be different jurisdictions

<wseltzer> https://swan.community/webinars/

James: if you have a group of browsers in CA and publishers that work a certain way in CA
… there are different SWAN effects for diff jurisdictions
… or another way, is that a model contract talks about non-SWAN data
… personalized marketing has a strict meaning
… but you could capture another preference
… for CMPs we discussed the email addresses
… non-SWAN data that a publisher might want to capture and build on top of SWAN
… or indeed capture at same time as SWAN, why it doesn't have a specific user interface
… no reason why other data couldn't be included
… Publishers could put other data on top of it, so publisher feedback is very important

Wendy: we have questions being put into irc as well

Ash: thanks for the presentation
… on your web site
… you state that SWAN enables the GPC vision
… struggling how it's possible for privacy control
… agree consent fatigue is an issue
… provide users with a global optout
… that doesn't collect additional info
… SWAN seems completely antithetical to optout without additional info
… seems like it circumvents browsers' protections against tracking under guise of privacy control, especially since it requires revealing a persistent identifier in order to work
… saying that info can be used for permitted uses
… reading for example CCPA135x

[reads]
… compliance with optout and not for other uses
… I don't see how this would effectually...for consumers opting out
… that would transmit info and would be in violation of CCPA
… trying to reconcile it
… seems to be antithetical and amounts to privacy brainwashing

James: Two questions, so I'll plug the privacy webinar and talk to the lawyers
… we are predominately focused on GDPR rather than CCPA
… consultation period is to get a wider understanding
… like to speak further with you about CCPA as you are clearly knowledgeable
… these are discussion models...
… DNT and GPC not based on contracts
… SWAN is building on concepts by applying meaning and a contract
… problems with DNT and CCPA, seen to be a bad actor
… SWAN removes that ambiguity and gives people certainty
… to balance playing field
… enable things that don't harm people
… contract law protects people and gives them certainty
… I would love to pick up more on this

Ashkan: legally defined concepts
… for CA law; urge you not to use...
… if it's legal, it cannot be inspired by it; suggest you remove the language on your web site

Wendy: We are out of time
… and legal discussions are best in other venues
… thanks for pointing us to those

<ash> https://theccpa.org/#1798.135(a)(6)

Wendy: Michel and Aram, invite you to follow up on Github

<ash> CCPA 1798.135(a)(6) - Use any personal information collected from the consumer in connection with the submission of the consumer’s opt-out request solely for the purposes of complying with the opt-out request. And personal information, include 'unique identifiers' including pseudonymous identifiers....

Wendy: we have reached the end of the hour today
… thanks for sharing that
… If there are things to bring back to group for discussion after some off-list discussion, agenda plus
… and we'll talk again
… we have some issues raised in the queue
… on PARAKEET update and the PRAM use cases
… see you next week

Bleparmentier: We want to know if FLEDGE will be delayed until end of the year?
… it's important for us to know it

Michael_Kleber: no change and no delay
… work is proceeding apace

Wendy: thanks all

<wseltzer> [adjourned]

Minutes manually created (not a transcript), formatted by scribe.perl version 127 (Wed Dec 30 17:39:58 2020 UTC).