W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2012

Re: PING - please volunteer - Ambient Light Events

From: Wendy Seltzer <wendy@seltzer.com>
Date: Fri, 21 Dec 2012 12:46:30 -0500
Message-ID: <50D4A076.905@seltzer.com>
CC: "public-privacy@w3.org Privacy" <public-privacy@w3.org>
On 12/21/2012 12:34 PM, David Singer wrote:
> On Dec 21, 2012, at 7:30 , Karl Dubost <karld@opera.com> wrote:
>> Le 20 déc. 2012 à 18:53, <Ian.Oliver@nokia.com> <Ian.Oliver@nokia.com> a écrit :
>>> This particular spec/API in the form here has no privacy aspects at all. If there are then it will be buried down in the infrastructure supporting such an API/Spec and thus be out of scope and highly context dependent.
>> In most circumstances, the technology is neutral because its goal is to propagate a message. HTTP logs are not privacy invasive, but their records on a long term might become privacy invasive.
>> The strategy is then becoming a question such as
>> * may I access to the information I created?
>> * may I record it myself (locally)?
>> * am I able to have actions on this personal record?
>> * may I block partly or totally the record of the information?
>>  (think about geolocation API)
>> * may I fake it?
>>  (think about fuzzy geolocation or voluntary fake location)
>> In the case of Ambient events, the first privacy issue we could raise, does the API provide a mechanism (messaging channel) to block and/or modify the information at the user level.
> I like this line of questions;  here are some more…
> 1) Is the data personally-derived, i.e. derived from the interaction of a single person, or their device or address?  [If so, even if anonymous, it might be re-correlated]
> 2) Does the data record contain elements that would enable such re-correlation?  [examples include an IP address, and so on]
> 3) What other data could this record be correlated with? [e.g. the ISP]
> 4) If you had large amounts of this data about one person, what conclusions would it enable you to draw? [e.g. maybe you could estimate location from many ambient light events by estimating latitude and longitude from the times of sunrise and sunset]

And some more:

* Am I likely to know if information is being collected?
* How visible is its collection and or use?
* Do I get feedback on the patterns that the information could reveal
(at any instant, over time) so I can adjust behaviors?

good thread!

Wendy Seltzer -- wendy@seltzer.org +1 617.863.0613
Policy Counsel, World Wide Web Consortium (W3C)
Fellow, Berkman Center for Internet & Society at Harvard University
Visiting Fellow, Yale Law School Information Society Project
Received on Friday, 21 December 2012 17:47:08 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:55 UTC