- From: David Singer <singer@apple.com>
- Date: Mon, 17 Dec 2012 17:33:09 -0800
- To: "public-tracking@w3.org Working Group" <public-tracking@w3.org>
Guys we had a call ages ago, and happily Tom kept an IRC log (thanks!). These are as close minutes as we're going to get, I think. This should complete action-323. The call basically went through my questions at <http://www.w3.org/mid/3CCB63DC-468F-4303-A02C-5561B2E06503@apple.com> I reproduce that email here, for context, and interleaved with the email you'll find IRC comments prefixed by IRC user-handles. The other text is all the base email, except for two places where I am not sure whether I have the IRC comments in the right context (noted "[[scribe:…]]"). I have email-quoted the base email. * * * * * * EMAIL with interleaved IRC discussion 2012-10-19 * * * * * > following up to my own email (I know, bad idea), I have tried to intersperse some answers to the questions. Some are currently un-answerable, I think. The answers reflect the current text and status (as of today), not anything I am proposing or suggesting. > > (WKR == well-known-resource) > > On Jul 31, 2012, at 15:49 , David Singer <singer@apple.com> wrote: > > > Friends > > > > I would like ti suggest we include an informative section in the specification of questions that a user/user-agent might have about 'what's going on with my DNT requests', and how the response header and/or well-known resource (or some other mechanism) provide answers. This is kinda like a FAQ that UAs might have for sites. > > > > For each of these questions, we can decide to use the header, the WKR, or some other mechanism, or a combination of tools. I think that the static ones naturally lend themselves to the WKR, and we tentatively said that if your status (1st/3rd) changes, a header will alert you. > > > > I am sure I missed a few questions, these are off the top of my head. Can I suggest we assemble this list, and then we can decide on the best proposed answers to the questions, and make the set of questions+answers into an informative section? > > > > I have divided my questions into categories (static, personal interaction, and dynamic). > > > > (Note that enquiries to the WKR are required to be un-tracked under all circumstances.) > > > > > > static questions > > > > 1. Does this site implement or recognize DNT at all? > > If the well-known resource exists, yes, the site recognizes the DNT header. > > > 2. If so, does it claim compliance? > > The main tracking-status of the WKR is the indication of the claimed compliance. Nick Doty: do we need 1 as separate from 2? Roy Fielding: It is a goal for me. Nick Doty: I definitely understand the 'beta' use case, I think that's probably distinct from saying affirmatively "I'm doing something, but not what's in the Compliance spec" > > 3. Is this site part of a larger 'party' of affiliated sites that share information? Who is the main party and/or master site? > > Sites in the same party are designated using the same-party part of the WKR. The 'master site' is not currently identified. [possible problem] Nick Doty: seems useful because a likely outcome for us on breadth of party is discoverability of party breadth Nick Doty: +1, I'm not sure "main party" is key Nick Doty: ... would that just be the umbrella corporate owner? I'm not sure a UA needs to know that Roy Fielding: who is the data controller? > > 4. Does this party ever claim 'permissions'? Particularly, is it claiming the 'agent of 1st party' permission? > > The track status qualifiers will match whatever permissions the compliance document specifies, and the presence of a qualifier on the Tk header or WKR tracking-status indicates a claim of a permission. > > There is currently no out-sourcing indication in either the tracking-status or tracking-qualifier. Currently an service provider (e.g. analytics) site would claim to be operating under the rules for a 1st party. If its site name appears under (one of) the actual first party's same-party list, then this is verifiable; otherwise, the user-agent may conclude that some resource that was designed to be used in a first-party context has been included in a third-party context, and raise a concern that unexpected tracking may be occurring. [problem] Nick Doty: we are referring to "permitted uses" here, yeah? Nick Doty: I agree that it would be useful to optionally know this > > 5. Does it always operate as a 3rd party, or does it sometimes become 1st (e.g. an ad that gets interacted with, vs. an analytics site). > > Tracking-status 1 (always 1st) 3 (always 3rd) or X (dynamic), provides this information. Nick Doty: hearing: maybe the UA just cares about the current interaction, rather than "always" [[scribe: not sure this next discussion is in the right place]] Roy Fielding: Do we need a pre-flight check? Nick Doty: I'm not sure this is essential for a UA, but maybe some people would find it useful? Nick Doty: tl sees some value in the pre-flight check Roy Fielding: http://www.w3.org/TR/2012/WD-tracking-dnt-20121002/#using-tracking-status Roy Fielding: it is 5.7.2 in TPE mikeo: pre-flight check would have to be resource dependent, tracking resource is for whole site > > 6. If the site has trusted important partners, for whom it might ask an exception, who are they? > > The resource third-party list provides this information. Roy Fielding: isn't 6 going to be a dynamic question? i.e., it is part of the API Nick Doty: I could see that being a useful option for a 1st party Nick Doty: disagreement about how easy it would be to publish it (which may be why it's optional) > > 7. Where do I find a readable privacy policy? > > The resource policy provides this information. Nick Doty: useful for a party, since transparency is a key part of permitted uses Roy Fielding: (quoting the spec.) An OPTIONAL member named policy MAY be provided with a string value containing a URI-reference to a human-readable document that describes the tracking policy for the designated resource. The content of such a policy document is beyond the scope of this protocol and only supplemental to what is described by this machine-readable tracking status representation. Nick Doty: I think that's fine; though in most cases it would be part of a privacy policy Nick Doty: "that describes the relevant privacy policy for the designated resource" Nick Doty: action: fielding to clarify "policy" element to refer to "relevant privacy policy", not necessarily tracking-specific trackbot: Created ACTION-322 - Clarify "policy" element to refer to "relevant privacy policy", not necessarily tracking-specific [on Roy Fielding - due 2012-10-17]. > > 8. Is there a place where I can express my preferences, grant exceptions, etc.? > > The resource control provides this pointer. David Singer: (quoting the spec.) An optional member named control may be provided with a string value containing a URI-reference to a resource for giving the user control over personal data collected by the designated resource (and possibly other resources); Nick Doty: yeah, sounds good Nick Doty: it certainly feels inspired by access and control FIPPs > > personal interaction questions (that might vary from place to place, or individual to individual, but typically not transaction to transaction) > > > > 10. What header did the site receive from me? (Did my header make it through?) > > There is no way to tell [problem] Nick Doty: if I respond with a Tk:3 header, does that mean that the site isn't tracking me? or that the site isn't tracking me if it received a DNT:1 from me? Nick Doty: would a server's response be different if it received a DNT:0? David Singer: to nick: the second - IF you send me DNT:1, THEN I will stop tracking you (to the extent I don't claim permissions) mikeo: user-agent could say i think you are acting as 3rd party, tk response could agree or not Nick Doty: we wouldn't need an echo if the response header indicated the actual compliance practice (rather than the contingent compliance practice) [[scribe: somehow we discussed another Question 10 now!]] David Singer: 10. Under what set of rules (e.g. 3rd-party receiving DNT:1) are we communicating? mikeo: is that per transaction? Nick Doty: mikeo, this could be site-wide or per-transaction, I think Nick Doty: +1, when you're viewing a web page that gives you an opt-out option, a site might use HTML to tell you your current status Roy Fielding: For example of an opt-out page, see http://www.adobe.com/privacy/opt-out.html Nick Doty: tl: know what we want to achieve (that the UA can determine the current practices of the server right now) but less sure about how to achieve it > > 11. Does the site claim an in-band (well, I'd know if it says it saw DNT:0) or out-of-band exception from me? > > The tracking status C (consent) documents this, but does not differentiate between in-band and out-of-band [possible problem] Nick Doty: right, it couldn't really be bad to send a "C" response to DNT:0 because the UA will presumably be comfortable with that > > 12. Is the site going to decide not to honor my DNT:1 request for some other reason (e.g. my choice of UA, as recently discussed :-(, a court order, etc.)? > > Not indicated. [possible problem] mikeo: the resons should be from a finite site set mikeo: a uri? mikeo: +1 > > truly dynamic questions (that might vary from request to request) > > > > 20. Is the site operating as a 1st or 3rd party in this interaction? (This makes a big difference to how much tracking can happen). > > The X in the tracking-status indicates that the response may be dynamic, and then the Tk header field is required. Nick Doty: yeah, different requests, each declare status Roy Fielding: which party? which domain is known. which domain owner? Roy Fielding: whois domain Roy Fielding: do we need a direct link to first-party, or is policy enough? (general discussion) Nick Doty: I'm not seeing any missing questions off the top * * * * * * David Singer Multimedia and Software Standards, Apple Inc.
Received on Tuesday, 18 December 2012 01:33:51 UTC