- From: Karl Dubost <karl@la-grange.net>
- Date: Fri, 12 Jul 2013 08:03:33 -0400
- To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Hannes Tschofenig [2013-06-26T02:29]: >> May I access to the information I created? — [karl] > > Further clarification is needed here. Typically, privacy concerns are raised when information is shared or when unauthorized access to information is gained. In this case, my line was "can I understand what is collected about me". Having access to the data which have been silently collected can help me take actions such as terminating a service, understanding my own patterns, adjusting my usage of a service because of privacy implications. As long as I do not have access to these data, I can't really make an informed choice about the consequences. >> May I record it myself (locally)? — [karl] > > Further clarification is needed here. Why is this is a privacy concern? Normally, everything can be “stored” that is available locally unless there is some DRM protection. Consequence of the previous one. Having access to the data online on a Web site doesn't mean that you can easily save them on your computer for further analysis. A perfect recent example is now the twitter archives that you can request in your preferences. There is plenty of meta information in these tweets that you can analyze yourself and/or feed in a software for understanding them and the extent of the issues or non-issues it creates. >> Am I able to have actions on this personal record? — [karl] > > Further clarification is needed here. What type of actions should be applied to the personal data? Can I erase the data or change the data? One technique which is recommended when you want to leave a social network is to enter garbage text instead or just removing the data. So that garbage text is replacing the records in the database. Some sites do not allow that, and you become permanently part of their records. Another possibility is when you would like to change the "memory of the system". Twitter for example allows people to delete tweets, but not in a programmatic way or massive way without relying on a third party script. You might want for example to erase all tweets but the last week or the last 100. See https://github.com/olivierthereaux/oldtweets >> May I fake it? (think about fuzzy geolocation or voluntary fake location) — [karl] > > Further clarification is needed here. In general, information from end devices can be faked in a variety of ways. For information that is provided by a third party this might be more difficult. Which case are you referring to? Privacy concerns are also raised when a system (device, infrastructure, law) unbalances the control of your actions. Let's say you are writing and sharing to people: "I'm in Toronto this week". This is a lot different than saying I'm located at this latitude and longitude at any time. The function (Location, time) in the Toronto/week case is fuzzy. But make it still possible to ask questions such as "What are the restaurants around?" or "What is the weather here?" Basically you are not sharing your precise location with the service? The same way you are on a business location, but you want the system to continue working like you were at home. Or the opposite. The fact is that you might want to say you are elsewhere and/or change the precision of your location. There was a time it was fashionable to put a meta name with your geolocation on your blog. Some services were aggregating this information and making geolocated directories of blogs and/or maps. Some of us where putting the location of a well-known monument instead of the precise geolocation of our home. Having that choice is interesting it helps remove some frictions with regards to privacy. Hope it clarifies. -- Karl Dubost http://www.la-grange.net/karl/
Received on Friday, 12 July 2013 12:03:37 UTC