[docs-and-reports] threat model: (small) group privacy (#9)

npdoty has just created a new issue for https://github.com/patcg/docs-and-reports:

== threat model: (small) group privacy ==
The threat model currently considers leaks of information about individual users. However, leaks of information about groups of users may still have very significant privacy threats.

In particular, for small groups, revelations that some subset of the group visited a particular site could be very sensitive. For example, if a teacher learns that X of their Y students have visited a webpage about a certain health condition or procedure, the students may be very surprised and concerned that that information was revealed, even if the teacher cannot determine which student visited which site. These threats are especially relevant in cases of some power asymmetry: students may be compelled to reveal additional information about themselves once some information is uncovered to teachers or administrators.

Group privacy also has impacts on individual privacy. If the aggregator learns with high confidence that the vast majority of a certain annotated group has visited a site or taken an action, then the aggregator can also conclude that a user in that group likely visited a site or took an action. Annotations about the group may not be visible in the measurement protocol, but could be additional information known to the aggregator by communication with the site or app, for example.

Please view or discuss this issue at https://github.com/patcg/docs-and-reports/issues/9 using your GitHub account.



Received on Friday, 12 August 2022 18:57:37 UTC