RE: The PII Namespace

Just a note of caution here.  We are watching an increasingly sterile
argument over what is and what is not PII, including because arbitragers
want to target folk with 'behavioural advertising' by collecting lots of
information about them that in law (but not concept) is not PII and hence
avoid certain forms of regulation.  The FTC, among others, is on their case.


See for example the article that is online at
https://www.privacyassociation.org/publications/retroactive_zip_code_ruling_
incites_flurry_of_class-actions/. 

In particular, note the very wise comment from Marty Abrams towards the end
of the article.  The following three paras are an extract:

Martin Abrams, executive director of the Center for Information Policy
Leadership at Hunton & Williams, says defining what constitutes personal
information is the wrong approach.

There is no such thing as personal information vs. non-personal information
anymore, not in a highly connected online world, Abrams said. Rather, there
is information that is easily linkable to the individual, like a name and
address together, or information that requires more work to link, like a zip
code, Abrams said.

“The answer to this question is not to figure out what is technologically
easy to link, because technology will increasingly make things easy to
link,” Abrams said. “It’s about taking a different road based on a policy
perspective. What do we promise never to link, and what are the sanctions
around those promises?”


Malcolm Crompton

Managing Director
Information Integrity Solutions Pty Ltd
ABN 78 107 611 898

T:  +61 407 014 450

MCrompton@iispartners.com  
www.iispartners.com 






-----Original Message-----
From: public-egov-ig-request@w3.org [mailto:public-egov-ig-request@w3.org]
On Behalf Of Chris Beer
Sent: Tuesday, 8 March 2011 10:30 AM
To: Gannon Dick
Cc: public-egov-ig@w3.org
Subject: Re: The PII Namespace

Hi Gannon

You'll what now?? :)

I know PII has been discussed before, expecially in view of a 
comparative implementation to FOAF.

Your point in this might be better explained if you could provide a 
practical example - how could PII (or FOAF for that matter - both seek 
to achieve the same thing) assist an agency in reinforcing a stated 
privacy policy? Privacy is a bit of a big ticket eGov item for many 
states/agencies world wide at the moment, so I for one would be curious 
as to your thoughts there. :)

(Remember to keep it simple - it may have to be explained this to 
"policy wonks".)

Chris

On 7/03/2011 11:28 AM, Gannon Dick wrote:
> Site searches normally require a "bit bucket" of sorts when search results
have some cyber-stalking overtones.  From a Commercial Perspective most
Social Networking sites and Search Engines can push an extra page of ads, so
the trouble of rewriting this page functionality is perhaps worthwhile.
>
> For Government and non-profit NGO's the situation is different.  There is
no potential benefit to a sticky domain.  Rather than go to the trouble of
explaining that the query is out of line, users can be sent to the
Personally Identifiable Information (PII) namespace.
>
> http://purl.org/pii/terms/  There are 15 terms/URL's, for the fastidious,
but any one of them will make the point that the requested information is
unavailable.  In addition, a 16th, http://purl.org/pii/terms/misc should be
reserved for exactly the opposite message - that the referring page contains
no PII.  That may be an adoptable standard, maybe not.  It might be handy
for reinforcement of a stated privacy policy.  This is not so much about
creating Standards as it is saving time and trouble on Requirements
Documentation, which is to say I'll let Chris Beer handle the
Internationalization :o)
>
> --Gannon

Received on Tuesday, 8 March 2011 04:42:52 UTC