michaelkleber / privacy-model

A Potential Privacy Model for the Web: Sharding Web Identity

Request for definition: "key needs of publishers and advertisers" #7

Open ehsan opened 5 years ago

ehsan commented 5 years ago

From the text: "This document offers one possible answer to these questions. The goal is a balanced way forward, dramatically improving web privacy while allowing enough information flow to carefully support key needs of publishers and advertisers."

It seems prudent, to be able to counter the benefits vs. harms to the user, to have a crystal-clear definition of the key needs of publishers and advertisers that this proposal is trying to attend to, so that nothing is left to the imagination of the reader.

I'd appreciate it if you could please provide an itemized list of those key needs for publishers as well as advertisers separately in an introduction section. Thanks!

dmarti commented 5 years ago

Under key needs of publishers, it could be a good idea to include:

michaelkleber commented 5 years ago

I'd appreciate it if you could please provide an itemized list of those key needs for publishers as well as advertisers separately in an introduction section.

In the privacy model as it stands now, the relevant line is: Potential use cases must respect the invariant that it remain hard to join identity across first parties, but subject to that limit, there is room to allow sufficiently useful information to flow in a privacy-respecting way. Both "sufficiently useful" and "privacy-respecting" must be evaluated on a case-by-case basis.

I feel like you're asking for a very different model, in which we enumerate the needs of all parties (users, publishers, advertisers) in advance. It seems like such lists would be hard to produce, would be incomplete anyway, and would become outdated.

Why do you think case-by-case balancing isn't an answer?

ehsan commented 5 years ago

I feel like you're asking for a very different model, in which we enumerate the needs of all parties (users, publishers, advertisers) in advance. It seems like such lists would be hard to produce, would be incomplete anyway, and would become outdated.

Because without that, engaging on the technical topics will become a very difficult process, where for each issue we need to have a debate on the merits of various possible choices for all parties without having a clear set of guidelines to help decide the requirements of which side should be prioritized over the other in the case of a conflict.

To give a very practical example, if we agree with @dmarti's suggestion above, it is clear that https://github.com/michaelkleber/pigin/issues/1 is a problem, no need to try to convince you there. :-)

michaelkleber commented 5 years ago

(Arrgh I'm really sorry that we can't get into this in person at TPAC!)

To quickly reply to your practical example, actually I'm completely in agreement with @dmarti, since (per his linked article), "leakage" here means something that is contrary to the desire of the site whose data gets exfiltrated.

I guess that is a special case of some more general first-party data stewardship principle, and that's the kind of thing you're pushing me to list — OK, I get it. I'll get back to you. :-)

ehsan commented 5 years ago

(Arrgh I'm really sorry that we can't get into this in person at TPAC!)

Me too. On the other hand having this discussion in a forum accessible to the public is really important so I'm not too sad that some of it is happening here. :-)

To quickly reply to your practical example, actually I'm completely in agreement with @dmarti, since (per his linked article), "leakage" here means something that is contrary to the desire of the site whose data gets exfiltrated.

Correct.

I guess that is a special case of some more general first-party data stewardship principle, and that's the kind of thing you're pushing me to list — OK, I get it. I'll get back to you. :-)

What is "first-party data stewardship principle"? I've never heard about it before, and a quick web search shows no results for it.

"Data leakage" however is a very common topic which publishers express great interest in preventing. Where possible I'd prefer to use existing terms and concepts. :-)

Also, when thinking about this, please think of the order of respective priority you're assigning to the key needs of publishers and advertisers. To continue to use data leakage as an example, that is one key area where the needs of publishers (e.g. to protect their visitors' data from leaking to third parties) and advertisers (to access data about the visitors of those websites to know what they're visiting now and what they've visited before, among others) directly come into conflict, and there will be scenarios when we would have to choose which side "wins".

Thanks!