W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2015

Re: new security/privacy review questions

From: Greg Norcie <gnorcie@cdt.org>
Date: Tue, 7 Jul 2015 14:28:54 -0400
Message-ID: <CAMJgV7aec5YrCQu9mHewrWFQw7WNjOvqB5ifz6zPkaWa9KuqSg@mail.gmail.com>
To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Hi all,

So I spoke with Joe - he will definitely be in Prague, however we both
agree it'd be ideal to keep as much of the discussion on list as possible,
so those who won't be present can give feedback. (The IETF meeting can
focus on discussing any remaining sticking points / high level issues that
need debate).

I went through the questions and edited them to try to be more respectful
of international norms, using language like "personally derived
information" rather than "personally identifiable" information

I also fleshed out the sections where an explanation and/or example was
lacking.

(The goal is that each section have an explanation of the question as well
as a real world example - some questions seem pretty self explanatory but
I'd rather be a little redundan rather than start to make subjectives
judgement on what questions are "self explanatory")

On Sat, Jul 4, 2015 at 8:11 AM, Ambarish S Natu <ambarish.natu@gmail.com>
wrote:

> If i try to summarize Privacy as a state free from observation and
> Security as a state free from danger, what will ensure that an individual
> be free from any observation be it PII or PDI or something else, i have no
> particular preference.
>
> Ambarish
>
>
> On Saturday, 4 July 2015, Craig Spiezle <craigs@otalliance.org> wrote:
>
>> +1. Agree with David
>>
>> Sent from my iPhone
>>
>> > On Jul 3, 2015, at 4:21 PM, David Singer <singer@apple.com> wrote:
>> >
>> >
>> >> On Jul 3, 2015, at 4:28 , Christine Runnegar <runnegar@isoc.org>
>> wrote:
>> >>
>> >> Yes, welcome Tiffany, and thank you for sharing your views.
>> >>
>> >> Indeed, the scope of privacy and data protection laws (i.e. the
>> definition of “personal data/personal information”) varies depending on the
>> jurisdiction.
>> >>
>> >> A common, but not universal definition is:
>> >>
>> >> “any information [relating to/about] an identified or identifiable
>> individual”
>> >>
>> >> (found, for example, in the OECD Privacy Guidelines, Council of Europe
>> Convention 108 and APEC Privacy Framework)
>> >>
>> >> My personal preference is not to use “PII”, but rather, “personal
>> data” or “personal information”, as needed.
>> >
>> > yes.  I am quite fond of ‘personally derived information’ i.e.
>> information that derives from the actions of a single person.
>> >
>> >
>> > David Singer
>> > Manager, Software Standards, Apple Inc.
>> >
>> >
>>
>>
>
> --
> अंबरीष श्रिकृष्ण नातू
>
>
> Sent from Gmail Mobile
>



-- 
/***********************************/

*Greg Norcie (norcie@cdt.org <norcie@cdt.org>)*

*Staff Technologist*
*Center for Democracy & Technology*
1634 Eye St NW Suite 1100
Washington DC 20006
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt

Fingerprint:
73DF-6710-520F-83FE-03B5
8407-2D0E-ABC3-E1AE-21F1

/***********************************/


Received on Tuesday, 7 July 2015 18:29:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 7 July 2015 18:29:24 UTC