Re: Privacy protection principles from Lukasz Olejnik (W3C) on 2016-09-16 (public-privacy@w3.org from July to September 2016)

From: Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
Date: Sat, 17 Sep 2016 00:17:09 +0100
To: David Singer <singer@apple.com>
Cc: Joseph Lorenzo Hall <joe@cdt.org>, Katie Haritos-Shea GMAIL <ryladog@gmail.com>, Chaals from Yandex <chaals@yandex-team.ru>, Kepeng Li <kepeng.lkp@alibaba-inc.com>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <CAC1M5qp25122OcyZEw5V5EhdhOTJ2WP+he3qxz-3uLgNHv=i0w@mail.gmail.com>

2016-09-16 16:44 GMT+01:00 David Singer <singer@apple.com>:

>
> > On Sep 16, 2016, at 8:03 , Joseph Lorenzo Hall <joe@cdt.org> wrote:
> >
> > (waits for David Singer to chime in on the vagaries of PII, personal
> > information, personal data, etc.)
>
> LOL.
>
> Somewhere I picked up the acronym PDI — Personally Derived Information —
> and I kinda like it. Given enough information deriving from a personal
> interaction, you end up knowing something about a person, and they can
> become identifiable.
>

Indeed.

Clear distinction for PII and strictlly-non-PII is apparently going into
history. What is especially interesting is that - perhaps non-PII data
today, might become PII tomorrow (after more is known, research is made,
regulations are changed...)...

That's why I'm not so much concerned with distilling a strict and static
list of PIIs.
But I would be happy to help with the document.

>
> >
> > It might be time to have some loya jirga (big discussion) to
> > standardize or describe these terms for use in w3c? At CDT we tend to
> > default to -- what I associate with European data protection
> > regulation -- "personal data".
> >
> > Will be great to see many of you next week!
> >
>
> Very much looking forward to it.  Travel safely!
>

A shame I'm not there. Hopefully another time!

Best
Lukasz

Received on Friday, 16 September 2016 23:17:41 UTC