- From: Caspar Bowden <casparb@microsoft.com>
- Date: Tue, 20 Jul 2010 09:55:35 +0000
- To: David Singer <singer@apple.com>, Thomas Roessler <tlr@w3.org>
- CC: "public-privacy@w3.org" <public-privacy@w3.org>
- Message-ID: <87A6D89C0D9E3E4E94253D25B8F9B2E7C2BCD6@DB3EX14MBXC316.europe.corp.microsoft.com>
May I recommend this article in the June 2010 CACM by two of the leading researchers<http://www.microsoft.com/emea/presscentre/pressreleases/23072008_PETSFS.mspx> on (de-anonymisation http://unescoprivadesa.urv.cat/media/_pdf/shmat_cacm10.pdf It merits really close study - it is not just-another survey article -- Caspar Bowden Chief Privacy Adviser Microsoft WW Technology Office +44 (0) 7801 881371 > -----Original Message----- > From: public-privacy-request@w3.org [mailto:public-privacy-request@w3.org] > On Behalf Of David Singer > Sent: 20 July 2010 11:11 > To: Thomas Roessler > Cc: public-privacy@w3.org > Subject: Re: Thanks for joining the W3C privacy workshop last week! > > Thomas, thanks for organizing it. I found it hugely worthwhile, really thought- > provoking. Thanks for all the great discussion. > > I was noodling around with the 'warning icons' and trying to come up with > other texts, for what it's worth (though these icons presume a basis of 'normal' > which we'd need to define first). > > here's a try: > > Data usage: a) Data that personally identifies you is being used for other than > the 'primary purpose'. > maybe add one for: Your data is anonymized and merged with other people's > data. (But everyone does this). > > Data transactions: We might sell or barter personally-identifiable data of > yours. > > Legal usage: We may give personally identifiable data to law authorities when > we could legally have resisted. > > Retention: After your transaction/account is over, and after any legally > required retention period, we may continue to hold your data. Stronger > version: and you cannot ask to delete it. > > Advertising/3rd parties: We convey personally identifiable data to our > advertisers and other 3rd parties not involved in the primary purpose (e.g. for > targeting). > Our advertisers/3rd parties, possibly with our help, identify/track you on > other sites as well. > We acquire data from advertisers/3rd parties and attach it to your personal > data. > > (Security rating, not sure). > > (Building a profile, dealt with under ad/3rd parties) > > * * * * * * > > There is one warning I don't know how to phrase. There are (at least) two > steps possible in anonymization: > a) your name and other identifiers are removed from the record, but then the > record itself is kept intact (e.g. the database knows it had a one-legged male > customer aged 23 living in Brighton, born in Venezuela, and buying > rollerblades) > b) the record itself is de-correlated (e.g. the database knows it had 3 people > born in Venezuela, 561 customers in Brighton, 43 one-legged people, 56% male > customers, and so on) > > The problem with doing only step (a) is, as was pointed out, remarkably few > facts are enough to re-identify you... > > > On Jul 19, 2010, at 22:52 , Thomas Roessler wrote: > > > Dear colleagues, > > > > I wanted to thank you all for joining the W3C privacy workshop last week. > This is the first posting to the promised follow-up mailing list, public-<mailto:public-privacy@w3.org> > privacy@w3.org<mailto:public-privacy@w3.org> (no pun intended). > > > > Please feel free to use this mailing list to follow up on the discussions we had > at the workshop. Meanwhile, Dan and I are working on the workshop report > and minutes that we hope to circulate here shortly. > > > > Note that the presentations are now all linked from the agenda page: > > http://www.w3.org/2010/api-privacy-ws/agenda.html > > > > Regards, > > -- > > Thomas Roessler, W3C <tlr@w3.org<mailto:tlr@w3.org>> (@roessler) > > > > > > > > > > > > > > > > > > David Singer > Multimedia and Software Standards, Apple Inc. > >
Received on Tuesday, 20 July 2010 13:36:17 UTC