- From: Wendy Seltzer <wendy@seltzer.com>
- Date: Fri, 21 Dec 2012 12:46:30 -0500
- CC: "public-privacy@w3.org Privacy" <public-privacy@w3.org>
On 12/21/2012 12:34 PM, David Singer wrote:
>
> On Dec 21, 2012, at 7:30 , Karl Dubost <karld@opera.com> wrote:
>
>>
>> On 20 Dec 2012, at 18:53, <Ian.Oliver@nokia.com> <Ian.Oliver@nokia.com> wrote:
>>> This particular spec/API in the form here has no privacy aspects at all. If there are then it will be buried down in the infrastructure supporting such an API/Spec and thus be out of scope and highly context dependent.
>>
>> In most circumstances, the technology is neutral because its goal is to propagate a message. HTTP logs are not privacy invasive, but their records over the long term might become privacy invasive.
>>
>> The strategy is then becoming a question such as
>>
>> * may I access the information I created?
>> * may I record it myself (locally)?
>> * am I able to have actions on this personal record?
>> * may I block partly or totally the record of the information?
>>   (think about geolocation API)
>> * may I fake it?
>>   (think about fuzzy geolocation or voluntary fake location)
>>
>> In the case of Ambient events, the first privacy issue we could raise: does the API provide a mechanism (messaging channel) to block and/or modify the information at the user level?
>
>
> I like this line of questions; here are some more…
>
> 1) Is the data personally-derived, i.e. derived from the interaction of a single person, or their device or address? [If so, even if anonymous, it might be re-correlated]
> 2) Does the data record contain elements that would enable such re-correlation? [examples include an IP address, and so on]
> 3) What other data could this record be correlated with? [e.g. the ISP]
> 4) If you had large amounts of this data about one person, what conclusions would it enable you to draw? [e.g. maybe you could estimate location from many ambient light events by estimating latitude and longitude from the times of sunrise and sunset]
>

And some more:

* Am I likely to know if information is being collected?
* How visible is its collection and/or use?
* Do I get feedback on the patterns that the information could reveal (at any instant, over time) so I can adjust behaviors?

good thread!
--Wendy

--
Wendy Seltzer -- wendy@seltzer.org +1 617.863.0613
Policy Counsel, World Wide Web Consortium (W3C)
Fellow, Berkman Center for Internet & Society at Harvard University
Visiting Fellow, Yale Law School Information Society Project
http://wendy.seltzer.org/
https://www.chillingeffects.org/
https://www.torproject.org/
http://www.freedom-to-tinker.com/
Received on Friday, 21 December 2012 17:47:08 UTC