ACTION-373 Append: Issues list based on today's call from Peter Swire on 2013-04-03 (public-tracking@w3.org from April 2013)

From: Peter Swire <peter@peterswire.net>
Date: Wed, 3 Apr 2013 12:47:46 -0700
To: "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CD81FDE4.74E12%peter@peterswire.net>

Based on discussions to date, here are some categoriesrelated to the �append� discussion. Perhaps I could ask the authors to consider which of these categories they believe would be covered by their proposals where DNT:1 is set at a 1st Party site? (Apologies if I have made any mistake on what is in the currentspec.)

Three major categories:
1. Data from a 1st Party
2. Data to a 1st Party
3. Data used by a 1st Party

1. Data from a 1st Party

1.1. 1st Party to Outsourced Service Provider. Current spec allows this if there is no leakage. Data can only be �accessed and used as directed� by the 1st Party.

1.2. 1st Party to 3d Party. Current spec says �The first party must not pass information about this transaction to non-serviceprovider third parties who could not collect the data themselves under thisstandard.�

2. Data to a 1st Party

2.1. Data from public records. Example discussed of employee of the 1st Party using the telephone white pages to look up an address. A variation is where the 1st Party purchases information from a service about bankruptcy or other court records.

2.2. Data from non-public records.

2.2.1. Dynamically use data to serve real-time ads.

2.2.2. Use data to supplement knowledge of 1st Party about a user, and use the updated set of information to serve online ads in the future.

2.2.3. Use data to supplement knowledge of 1st Party about a user, and use for purposes other than to serve online ads, such as update address and other contact information.

2.2.4. Use data to enhance 1st Party analytics, but don�t target back to an individual user.

3. Data used by a 1st Party

3.1. Use in 1st Party context. Generally permitted under the spec.

3.2. Use in 3d Party context. Would be prohibited by Simpson/Chapell proposal.

3.2.1. Personalized widgit � user sees a different widgit based on information known to the 1st Party.

3.2.2. Personalized advertisement � user sees a different ad based on information known to the 1st Party.

3.2.3. Analytics or other scenarios?

One additional issue raised in the call: persistence of DNT header vs. header used for a particular network interaction.

Hope this is helpful.

Peter

Professor Peter P. Swire
C. William O'Neill Professor of Law
Ohio State University
240.994.4142
www.peterswire.net

Received on Wednesday, 3 April 2013 19:48:15 UTC