first-party-sets icon indicating copy to clipboard operation
first-party-sets copied to clipboard
verified publisher icon WICG

FPS members must allow technical verification

Open dmarti opened this issue 4 years ago • 3 comments

A site that claims first-party set membership must allow automated validation so that user agents and independent enforcement entities can check that it is in compliance with UA Policy.

Independent enforcement entities that detect that one member of an FPS is handling user data in a manner inconsistent with the FPS shared privacy policy should be able to presume that the FPS is invalid without waiting to find out if other members of the FPS are violating the policy in the same way.

Refs: #43

dmarti avatar Sep 07 '21 14:09 dmarti

The IPR check fails, @dmarti, because you're not a member of the Privacy CG. If you join the CG we can have the IPR bot run again.

hober avatar Sep 07 '21 20:09 hober

@hober Thank you, I checked and was listed under "former members" on the CG page, just re-joined. (my previous PR #56 had the IPR check succeed)

dmarti avatar Sep 07 '21 23:09 dmarti

Some kinds of domain data that could be verified by an IEE: https://github.com/privacycg/first-party-sets/issues/43#issuecomment-941096276

(for example, an IEE might require that FPS members acknowledge mail sent to a whois admin contact.)

dmarti avatar Oct 12 '21 17:10 dmarti