ACTION-373 Append: Issues list based on today's call from Peter Swire on 2013-04-03 (public-tracking@w3.org from April 2013)

From: Peter Swire <peter@peterswire.net>
Date: Wed, 3 Apr 2013 12:47:46 -0700
To: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CD81FDE4.74E12%peter@peterswire.net>

Based on discussions to date, here are some categoriesrelated to the “append” discussion. Perhaps I could ask the authors to consider which of these categories they believe would be covered by their proposals where DNT:1 is set at a 1st Party site? (Apologies if I have made any mistake on what is in the currentspec.)

Three major categories:
1. Data from a 1st Party
2. Data to a 1st Party
3. Data used by a 1st Party

1. Data from a 1st Party

1.1. 1st Party to Outsourced Service Provider. Current spec allows this if there is no leakage. Data can only be “accessed and used as directed” by the 1st Party.

1.2. 1st Party to 3d Party. Current spec says “The first party must not pass information about this transaction to non-serviceprovider third parties who could not collect the data themselves under thisstandard.”

2. Data to a 1st Party

2.1. Data from public records. Example discussed of employee of the 1st Party using the telephone white pages to look up an address. A variation is where the 1st Party purchases information from a service about bankruptcy or other court records.

2.2. Data from non-public records.

2.2.1. Dynamically use data to serve real-time ads.

2.2.2. Use data to supplement knowledge of 1st Party about a user, and use the updated set of information to serve online ads in the future.

2.2.3. Use data to supplement knowledge of 1st Party about a user, and use for purposes other than to serve online ads, such as update address and other contact information.

2.2.4. Use data to enhance 1st Party analytics, but don’t target back to an individual user.

3. Data used by a 1st Party

3.1. Use in 1st Party context. Generally permitted under the spec.

3.2. Use in 3d Party context. Would be prohibited by Simpson/Chapell proposal.

3.2.1. Personalized widgit – user sees a different widgit based on information known to the 1st Party.

3.2.2. Personalized advertisement – user sees a different ad based on information known to the 1st Party.

3.2.3. Analytics or other scenarios?

One additional issue raised in the call: persistence of DNT header vs. header used for a particular network interaction.

Hope this is helpful.

Peter

Professor Peter P. Swire
C. William O'Neill Professor of Law
Ohio State University
240.994.4142
www.peterswire.net

Received on Wednesday, 3 April 2013 19:48:15 UTC