2016-05-16 UST Meeting Notes
Date
May 16, 2016
UST Call
mark lizar
Dom Marti,
John Moehrke
Mary Hodder
Discussion about the Cheddar infrastructure.
Don Marti
- http://www.aloodo.org/ (blog)
-
http://blog.aloodo.org/posts/how-cheddar-is-your-browser/
the blog here takes a look and see if there if you are being tracked
- if there is a green or pick box
This does two test
1. for a dumb ad - blockers (dumb - ad - blocker will block a first party ad or 3rd party ap that respects cheddar)
   1. simple javascript - if browser has blocked local third party app
   2. tracking protection test - it will try and track you from a 3rd party domain and it will report if your browser is vulnerable to being tracker
swap in a new version of ad-blocker -
Phase 1 let user know they are being tracked and vulnerable, once they are safe,
Phase 2 then the plan is to check the ad-blocker. - and see if its dumb ,
Cheddar sets a baseline for user control tools for information sharing.. once its in place it can make the case for user submitted terms,.
Once users have more control, then, markets can make the case for accessing user control .
Work with high quality sites to turn on cheddar protection and encouragement.  You can go to your own site to apply your own scripts.
User hearing the message from high reputation sites. Â
Looking to promote cheddar, building the basics now and then pushing it out
It is possible to setup Ad-Block + to use cheddar. There are 3 steps to fix Ad-Block work in a cheddar way.
What would be very helpful - would be for (ad-blockers) to have a cheddar mode. Â
Doc has the cheddar drawing that Craig made and he's presenting today in NYC re: the "no stalking" term... which is comprehensive it's in front of 200 publishers
 No stalking term includes the no data leakage protections - i
important to be able swap out ad-blockers, make the conversation more about what sites are trustworthy, and less can take data keep cheddar
its stepping to user controlled data sharing. Â
Cheddar scripts can be put on the Kantara wiki, can be used as the basis for looking for third party. Â
http://kantarainitiative.org/confluence/display/infosharing/UST+Engineering
Data Leakage -
Canvas finger printing - with third parties pretending to be first parties are still risk. Its a way to see how vulnerable you are - then they can join a tool that protects them and they can benefit rom the ongoing tools that they run. Â
Privacy BDGER will show a 0 if cheddar compliant. See sites moving away from extortion and away from data leakage.
At a technical level we can’t say which ads ar brand only, but direct ads only..  Cant say for sure what the advertisers will put forward
talking about the name —> Cheddar -
No stalking ads. - - Â
Don doesnt like the stalking term, because of the emotional connotations but it should be a bit more business.
Some sites want to use more emotional language than others, its better to let the trust worthy sites control the messages.   Don, likes cheddar, it means money and its a bit cheddar
Cheddar is a set of norms around tracking preference s which is expressed in terms of current web-technology - if your privacy tool wants to label in another way then that should be done.
Â