W3C home > Mailing lists > Public > www-p3p-policy@w3.org > November 2000

Re: question about the <NON-IDENTIFIABLE/> attribute

From: Rigo Wenning <rigo@w3.org>
Date: Thu, 30 Nov 2000 15:11:35 +0100
To: www-p3p-policy@w3.org
Message-ID: <20001130151134.E873@rw22wenning.jura.uni-sb.de>
The definition of this was taken and modified from the whereas
Nr. 26 of the European Data Protection Directive, which says:

(26) Whereas the principles of protection must apply to any
information concerning an identified or identifiable person;
whereas, to determine whether a person is identifiable, account
should be taken of all the means likely reasonably to be used
either by the controller or by any other person to identify the
said person; whereas the' principles of protection shall not
apply to data rendered anonymous in such a way that the data
subject is no longer identifiable; whereas codes of conduct
within the meaning of Article 27 may be a useful instrument for
providing guidance as to the ways in which data may be rendered
anonymous and retained in a form in which identification of the
data subject is no longer possible 

We didn't want all the overhead of this statement. But we wanted
to give services, which are especially privacy friendly, the
chance to show that in P3P. The tag is designed for them. If
Lorrie say's you'll have at least to truncate the URI in the
logs, this is here approach to say, it is not reasonably possible
to get the identity of a user, if there are truncated URI's.
Additionally, you'll have to explain the measures taken in the
human-readable policy. 

Best, 

Rigo


On Wed, Nov 29, 2000 at 05:16:10PM -0800, Fiona Walsh wrote:
> 
> I've been assisting our client's with policy generation, and have some
> questions about the <NON-IDENTIFIABLE/> attribute.
> The spec. states
> "
> <NON-IDENTIFIABLE/> 
> 	This is an element that can only be present in the statement, if
> there is no data or no identifiable data collected. Data is seen as
> non-identifiable in the sense of the present specification, if there is no
> reasonable way for the entity or a third party to attach the collected data
> to the identity of natural person. 
> "
> 
> Nearly all of our clients' sites have some persistent means of storing state
> @ an individual level (cookiesID, customerID, transactionID etc).
> It seems reasonable to say that all these data elements could be attached by
> our client's or by a third party to the identity of a natural person.
> 
> First, in the above statement when we state "attach", do we mean linking
> using data collected by any method, HTTP or other?
> Second, is it therefore reasonable to say that most sites that store state @
> an individual level can not use the <NON-IDENTIFIABLE/> attribute?
> 
> fi
> 
Received on Thursday, 30 November 2000 10:24:49 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:07 UTC