Standardization: W3C & IETF Alex Fowler, Global Privacy & - - PowerPoint PPT Presentation

standardization
SMART_READER_LITE
LIVE PREVIEW

Standardization: W3C & IETF Alex Fowler, Global Privacy & - - PowerPoint PPT Presentation

Dec 12, 2022 226 likes •335 views

Standardization: W3C & IETF Alex Fowler, Global Privacy & Public Policy Leader, Mozilla W3C Web & User Privacy Tracking Workshop April 29, 2011 Why standardize? What should get standardized? Should standards groups define policy?

slide-1
SLIDE 1

Standardization: W3C & IETF

Alex Fowler, Global Privacy & Public Policy Leader, Mozilla W3C Web & User Privacy Tracking Workshop April 29, 2011

slide-2
SLIDE 2

Why standardize? What should get standardized? Should standards groups define policy?

04/2011 | Page 2

slide-3
SLIDE 3

Why standardize?

Find consensus among stakeholders in open/public forum Define outcomes and understand tradeoffs Reduce complexity (consumer values, business practices, technology) Leverage past experiences and lessons learned Foster interoperability and consistent user experience Simplify implementation for developers and IT groups Define compliance and enforcement

04/2011 | Page 3

slide-4
SLIDE 4

What should get standardized?

Tracking Protection Lists

DOM

DNT Header

Response Header White Listing Capability Compliance/ Audit

04/2011 | Page 4

slide-5
SLIDE 5

Should standards groups define policy?

We do have the expertise We don’t have full range of stakeholders

04/2011 | Page 5

slide-6
SLIDE 6

IETF submission on DNT

IETF Draft Proposal, “Do Not Track: A Universal Third-Party Web Tracking Opt Out,” March 7, 2011, jointly submitted with Jonathan Mayer and Arvind Narayanan of Stanford’s Center for Internet and Society

  • defines the syntax and semantics of HTTP header-based

mechanism for DNT, and

  • specifies how web services should respond to such a mechanism

All dimensions are up for discussion and we welcome suggested improvements!

04/2011 | Page 6

slide-7
SLIDE 7

TPLs & DNT header

TPLs are independent from the DNT header and DOM element:

  • Goals and effects of the technologies seem to be quite different
  • TPLs affect how clients interpret and access content, while DNT

header and the DOM element ultimately affect what servers do to preserve privacy

  • Standardization needs are very different (e.g., TPLs are about list

syntax, DNT is about protocol design)

04/2011 | Page 7

slide-8
SLIDE 8

DNT across two standards groups

W3C

  • TPL working

group, with DOM subcommittee at W3C

  • considerable

experience working on privacy-related standards

IETF

  • Standards-track

specification of DNT HTTP header

  • IETF generally

maintains change control over HTTP protocol

  • Public forum

04/2011 | Page 8

slide-9
SLIDE 9

Possible division of work

Tracking Protection Lists

DOM

DNT Header

Response Header White Listing Capability Compliance/ Audit

04/2011 | Page 9

slide-10
SLIDE 10

Thank You.

Alex Fowler 415 309 3712 afowler@mozilla.com

04/2011 | Page 10