07:11:22 RRSAgent has joined #boundary-upgrade 07:11:22 logging to https://www.w3.org/2021/10/21-boundary-upgrade-irc 07:11:24 RRSAgent, stay 07:11:26 RRSAgent, make log public 12:11:46 jeff has joined #boundary-upgrade 13:45:56 johnwilander has joined #boundary-upgrade 13:48:16 wseltzer has joined #boundary-upgrade 13:48:21 Zakim has joined #boundary-upgrade 13:48:40 I don't see a link to a virtual video session. I'm logged in to web-eur.cvent.com and see the IRC link though. 13:49:32 Got it. I now saw an email too since I registered for the session. 13:49:46 they appear 5min before the meeting 13:59:00 jrosewell has joined #boundary-upgrade 13:59:07 present+ 13:59:12 russStringham has joined #boundary-upgrade 14:00:57 Wendy, did you say you'll stop recording once we go into the discussion? 14:01:00 weiler has joined #boundary-upgrade 14:01:36 bmay has joined #boundary-upgrade 14:01:42 cwilso has joined #boundary-upgrade 14:02:12 cpn has joined #boundary-upgrade 14:02:29 johnwilander, yes, we will announce when recording starts and stops 14:02:45 present+ ChrisNeedham 14:02:54 present+ 14:03:22 KaustubhaGovind has joined #boundary-upgrade 14:03:35 present+ 14:03:41 dmarti has joined #boundary-upgrade 14:04:23 present+ 14:04:48 eriktaubeneck has joined #boundary-upgrade 14:05:10 jrosewell: [presentation] 14:05:43 Meeting: Upgrade Privacy Boundaries Defined Solely by Registerable Domains 14:10:10 dom has joined #boundary-upgrade 14:12:39 eriktaubeneck_ has joined #boundary-upgrade 14:14:38 q+ to ask for more clarity about the circular debate. It was not clear to me what James meant. 14:15:32 q+ 14:17:44 q? 14:17:52 ack jeff 14:17:52 jeff, you wanted to ask for more clarity about the circular debate. It was not clear to me what James meant. 14:18:04 q+ 14:18:22 btsavage has joined #boundary-upgrade 14:18:23 harneet_sidhana has joined #boundary-upgrade 14:18:27 q? 14:18:29 seanbedford has joined #boundary-upgrade 14:18:34 q+ 14:18:35 jeff: Can you be more specific about what you mean by circular debate? 14:19:08 jrosewell: discussion in other groups, PCG, IWAGB 14:19:19 q+ 14:19:31 ... first party sets, debates around what criteria are needed for a set to be formed 14:19:46 ... who makes the decision? 14:20:00 sysrqb has joined #boundary-upgrade 14:20:02 q+ 14:20:20 ... that takes us to discussions of sanctioned/unsanctioned, good or bad 14:20:46 ... A poll in federated ID CG showed a 50-50 split on direction 14:21:02 ... need to unblock debates 14:21:28 hober has joined #boundary-upgrade 14:21:33 jeff: there are many topics where we don't yet have consensus, consensus is sometimes hard to reach 14:21:35 present+ 14:21:40 ack next 14:22:10 https://github.com/sleevi/psl-problems 14:22:33 jyasskin: Google has a history of both complaining about the registrable domain problem and proposing alternatives such as first-party sets 14:22:37 BrianLefler has joined #boundary-upgrade 14:22:52 ... I came to this hoping for suggestions or discussions of whast to replace the bounary with 14:23:02 ... don't think it's productive to say there should be no boundary 14:23:13 ... but rather look for replacements 14:23:19 ... what do people think alternatives should be? 14:24:04 jrosewell: one idea in the navigation tracking mitigation repository, 14:24:13 ... looks at how we can bring contracts into registrable domains 14:24:19 I believe that's https://github.com/privacycg/nav-tracking-mitigations/issues/13. 14:24:26 q+ 14:24:58 ... people can choose which standard contracts they can have their data shared under 14:25:07 ... introduces transparency and audit 14:25:23 ... explaining how people can see the parties involved in advertising and tracking 14:26:20 q? 14:26:29 jyasskin: thanks for focusing our attention on OWID as alternative 14:26:33 ack weiler 14:26:42 q+ 14:26:53 weiler: thinking about requirements 14:27:21 ... you asked where's the authority: ultimately, I'd say, it lies with end-user 14:27:35 ... and to be able to exercise, they need to be able to automate 14:28:11 jrosewell: depends what you're sharing. Ordinarily we'd want things to be frictionless 14:28:20 weiler: so why not have user define the policy? 14:29:04 jrosewell: In discussions elsewhere, people have discussed trusting other organizations, 14:29:18 ... e.g. the Scouts, to pick a set of settings 14:29:45 ... standard contractual clauses, contracts a regulator has approved for data-sharing 14:30:13 ... I have another session, through Movememt for Open Web, going into detail on a proposed solution 14:30:20 q? 14:30:29 ack btsavage 14:31:01 btsavage: personal opinion, not speaking for Facebook 14:31:10 ... I think it makes sense to have this conversation 14:31:40 ... thinking from perspective of end-user and their expectations 14:32:11 ... to the extent personal info is being exchanged between business in ways that would surprise user, that's problematic 14:32:40 ... also, few users read privacy policies to understand what's going on 14:33:33 ... so we shouldn't rely on privacy policies to set user expectations 14:34:00 ... a metric to gauge proposals: to what extent would using $this as a privacy boundary meet user expecations 14:34:16 ... domains are visually displayed, there's a decent amount of education 14:34:45 ... research; also problems such as phishing and scam domains 14:35:15 ... "would sharing data across this boundary surprise or upset people, would it misalign with expectations" 14:35:17 +1 btsavage 14:35:31 ... and don't expect we can modify those expecations with privacy policies 14:35:59 jrosewell: think we can all agree that terms and conditions are not always read; that's an issue with contract law 14:36:55 ... while some companies have tried to make those more engaging 14:37:17 ... often, in other industries, you trust someone, an organization standing behind the contracts 14:37:57 ... don't see how we can get away from legal contract defining service 14:38:14 q+ 14:38:41 btsavage: don't think we as engineers in W3C should be saying it's ok for us to accept surprising information flows, so long as a contract describes that 14:39:08 +1 to btsavage re: not relying on contracts, for other reasons 14:39:12 q? 14:39:17 It's interesting that we have such a consensus among engineers here that terms and conditions are completely useless in getting any sort of real agreement from users, and yet we haven't been able to convince any of the legal system, whether inside or outside our companies, of that. I hope btsavage is right that the legal systems will eventually move in that direction. 14:39:20 ... some contracts we've eliminated, such as overdraft fees 14:39:32 bmay: with Dstillery, do audience targeting 14:40:02 ... A domain means lots of different things 14:40:23 ... compare "google" to "bobssportinggoods" 14:40:53 ... the user is interacting with the organization/people behind the domain 14:41:01 ... we'd do well to come up with a new identity primitive 14:41:14 alextcone has joined #boundary-upgrade 14:41:22 ... privacy and identity semantics, as a basis for data-based interactions with individuals and organizations 14:41:26 People may not understand who they are interacting with when they use a website 14:41:53 ... rules around how data can be used and transmitted, and means to discover how info has been used 14:42:04 ... don't think domains are the answer 14:42:42 ... similar to what weiler said, ask the browser to act on your behalf 14:43:10 ... develop an auditing and reporting system that would allow user to understand how data is being used and remediate inappropriate uses 14:43:42 q? 14:43:51 ack bm 14:43:53 ack eriktaubeneck_ 14:44:34 eriktaubeneck_: clarification, I wanted to understand what point you were making about Doritos.com and .co.uk having different privacy policies 14:44:50 ... in different jurisdictions, they'd have different policies 14:45:52 jrosewell: I was trying to say that because domains are simmilar, consumers might expect same activity, but it's the privacy policy more than ownership that matters 14:46:34 eriktaubeneck_: I'd expect differences in different jurisdictions 14:47:07 q? 14:47:18 jrosewell: I was trying to show that ownership may not be only relevant factor 14:47:29 seanbedford: also work for Facebook, expressing my personal opinion 14:47:44 ... if we're going to draw a boundary, need to be very clear where it sits 14:47:51 ... there's a legal definition 14:48:15 ... in Papa John's example, a franchised business, each store is a different legal entity 14:48:44 ... some connection to entity, user expectation. many facets we need to think about together 14:49:05 ... eTLD+1 feels insufficient; hope we can come up with something better 14:49:13 ... many different defitions 14:49:33 ... user expectations; legal definitions of what a regulator would enforce 14:50:05 ... other digital touchpoints I might have with those businesses, e.g. order through an app 14:50:16 ... don't think we can come to a single answer focused only on web 14:50:34 ... not sure what the better thing will be 14:50:48 jrosewell: can we come to agreement by the end of this discussion? 14:50:52 ack se 14:50:56 q? 14:51:01 q+ 14:51:03 ack johnwilander 14:51:07 q+ 14:51:20 johnwilander: Apple webkit; wanted to mention some technical apsects 14:51:28 ... cookiies can span origins (subdomains) 14:51:44 ... if we didn't have cookies spanning origins, and document.domain, we'd just use origin 14:52:07 ... there's been a proposal for HTTP state mechanism tied to origin rather than cookies, maybe we can move login there 14:52:20 ... and then do isolation based on origin rather than registrable domain 14:52:42 ... origin is combination of protocol, hostname, and port 14:52:49 ... complete with subdomain 14:53:00 ... that triple defines an origin 14:53:07 ... most of the web security is tied to origin 14:53:07 ://[.][:] 14:53:37 jrosewell: your preference would be origin? 14:53:52 ... separate origins, with no data-sharing between subdomains 14:54:05 q? 14:54:13 johnwilander: yes, technical implemenation, with possible APIs for inter-origin communication 14:54:17 ack dmarti 14:54:45 dmarti: when one of the browsers made some changes to data-sharing, there was tremendous user resarech to back it up 14:55:04 +1 14:55:13 100% dmarti 14:55:32 ... setting sensible defaults is an argument for user research: mockups with which to ask users "what would expect to happen in this situation" 14:55:44 ... hope we could do that in next ireation fo discussion 14:55:50 ... I'm happy to share resource links 14:56:14 q+ 14:56:15 jrosewell: time for us to think about what happens next 14:56:19 q? 14:56:22 q+ 14:56:32 ack bm 14:57:11 bmay: it's easy to identify domain as wrong primitive; would be intersting to figure what user relates to, and how we define rules for that 14:57:37 weiler: I'm not inclined to rely on contracts, since internet and web cross international boundaries 14:57:59 ... I'd rather see us work on technical measures 14:58:02 ack bt 14:58:05 ack we 14:58:57 btsavage: sounded to me as though there was fair degree of consensus with idea that data sharing and privacy boundaries, what browser should do is what people woudl want if they took the time to undersatnd 14:59:23 ... poll, do people believe privacy boundaries should match user expectations 14:59:26 ack me 15:00:06 +1 user agent acting defensively on behalf of user's privacy is good (though that shoudl also be balanced against usability, privacy isn't the only user concern) 15:00:26 wseltzer: any place to invite people to watch for next steps in this conversation? 15:01:08 jrosewell: there are many groups in which it could fit. I'd like to ask that we make it into one conversation, perhaps in privacy cg 15:02:05 rrsagent, draft minutes 15:02:05 I have made the request to generate https://www.w3.org/2021/10/21-boundary-upgrade-minutes.html wseltzer 15:02:08 chair: jrosewell: 15:02:15 rrsagent, make logs public 15:02:18 rrsagent, draft minutes 15:02:19 I have made the request to generate https://www.w3.org/2021/10/21-boundary-upgrade-minutes.html wseltzer 15:59:26 RRSAgent, bye 15:59:26 I see no action items