W3C home > Mailing lists > Public > public-tracking@w3.org > November 2012

proposal ISSUE-188 ("unlinkable"): 3.6.1 - "render unlinkable"

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 15 Nov 2012 00:30:37 +0100
To: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-Id: <78751A38-D1C3-477E-AE12-5047F65FE52F@w3.org>
The current editor's draft includes an option for the definition of unlinkable data in section 3.6.1. That text is:

> 3.6.1 Option 1: Unlinkable Data
> 
> A party render a dataset unlinkable when it
> 1. takes commercially reasonable steps have been taken to de-identify data such that there is confidence that it contains information which could not be linked to a specific user, user agent, or device in a production environment
> 2. publicly commits to retain and use the data in unlinkable fashion, and not to attempt to re-identify the data
> 3. contracually prohibits any third party that it transmits the unlinkable data to from attempting to re-identify the data. Parties should provide transparency to their delinking process (to the extent that it will not provided confidential details into security practices) so external experts and auditors can assess if the steps are reasonably given the particular data set.

(I believe this to be based on contributions from Shane and others.  If somebody wishes to link this note back to the original proposal, that's welcome -- but optional.  The purpose of this message is to make sure that we have an easily-retrieved record of all options before the group.)

-- 
Thomas Roessler, W3C <tlr@w3.org> (@roessler)
Received on Wednesday, 14 November 2012 23:30:42 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:38 UTC