W3C home > Mailing lists > Public > public-tracking@w3.org > June 2013

June Change Proposal, de-identified

From: Roy T. Fielding <fielding@gbiv.com>
Date: Wed, 26 Jun 2013 01:16:25 -0700
Message-Id: <B30519D1-C9B5-4460-8F90-9152EB777065@gbiv.com>
To: "public-tracking@w3.org Mailing List" <public-tracking@w3.org>
This is ISSUE-188

The definition of de-identified does not capture the discussion
we had on list regarding anonymous data and the unnecessary
burden of contracts.  It also uses old terms like "consumer"
and "computer" that we don't need, and is phrased in terms of
the process of de-identification (what a party must do) rather
than the state of the data after de-identification has completed.

Existing text in Sec 2.8:
============================
Data is deidentified when a party:

 1. has achieved a reasonable level of justified confidence that the data cannot be used to infer information about, or otherwise be linked to, a particular consumer, computer, or other device;
 2. commits to try not to reidentify the data; and
 3. contractually prohibits downstream recipients from trying to re-identify the data.
============================


Replacement:
============================
A data set is considered de-identified when there exists a reasonable level of justified confidence that the data within it cannot be used to infer information about, or otherwise be linked to, a particular user.
============================

....Roy
Received on Wednesday, 26 June 2013 08:16:48 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 26 June 2013 08:16:48 UTC