W3C home > Mailing lists > Public > public-dntrack-contrib@w3.org > April 2012

Re: after W3C f2f in DC last week -- phone call Thursday morning 9 am Pacific time?

From: Lee Tien <tien@eff.org>
Date: Wed, 18 Apr 2012 19:54:28 -0700
Cc: public-dntrack-contrib@w3.org
Message-Id: <C27F0A4C-D0D3-4DCD-90CE-3E8F208C016F@eff.org>
To: Jeremy Malcolm <jeremy@ciroap.org>
Hi Jeremy,

I don't know the answer to the first question.  Nick may.

On the second, 1024-anonymity is a specific level of k-anonymity.  k is the "fuzziness" of the anonymity, i.e. if attempts to link data ambiguously map the information to at least k entities. 

So the idea is that even with serious efforts by a skilled re-identifier, the best she can do is to point to 1024 people or devices.  Chris Soghoian has written http://news.cnet.com/8301-13739_3-10038963-46.html

"As an example, an IP address of a home user could be After 18 months, Google chops this down to 173.192.103.XXX. Since each octet (the numbers between each period of an IP) can contain values from 1-255, Google's anonymization technique allows a user, at most, to hide among 254 other computers."  

(I don't know what Google's current policy is, this is an example.)


On Apr 18, 2012, at 6:36 AM, Jeremy Malcolm wrote:

> On 18/04/2012, at 8:40 AM, Lee Tien wrote:
>> Apologies to Jeff Chester for not saying that this request for a meeting was at his urging.  Jeff has put a great deal of energy and effort into the W3C process.
>> We hope you will be able to make the call.
> It's unlikely I'm afraid, but I have read the Eckersley-Lowenthal-Mayer proposal (which looks excellent), and have some questions:
> 1. If an out-of-band selection is made, does the user agent somehow recognise this and reflect it in its own exception API?  For example if I click on "allow" for Google on a Google preferences Web page, then go to my list of exceptions in the browser's preferences window, does Google appear there?  Sorry if this is answered somewhere and I missed it.
> 2. What does this mean, in terms that a non-mathematician can understand? "N-unlinkability is the special case of K-anonymity where all values are considered part of the pseudo-identifier. A dataset is "unlinkable" when there is a high probability that it contains only information which, for a skilled analyst, is 1024-unlinkable with respect to particular users, user agents, or devices."
> Thanks.
> -- 
> Dr Jeremy Malcolm
> Senior Policy and Project Officer
> Consumers International
> Kuala Lumpur Office for Asia-Pacific and the Middle East
> Lot 5-1 Wisma WIM, 7 Jalan Abang Haji Openg, TTDI, 60000 Kuala Lumpur, Malaysia
> Tel: +60 3 7726 1599
> Follow @ConsumersInt
> Like us at www.facebook.com/consumersinternational
> Read our email confidentiality notice. Don't print this email unless necessary.
Received on Thursday, 19 April 2012 02:54:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:37:11 UTC