W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2015

Privacy Questionnaire

From: Kepeng Li <kepeng.lkp@alibaba-inc.com>
Date: Thu, 30 Jul 2015 09:14:21 +0800
To: Christine Runnegar <runnegar@isoc.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <D1DF9A74.14AF8%kepeng.lkp@alibaba-inc.com>
Hello all,

>Link to the PING working document:
https://www.w3.org/wiki/Privacy_and_security_questionnaire


I propose to add another privacy question:

X Will this specification generate data? What is the classification of the
generated
data and how to deal with that?

Explanation: 
Understanding the classification of the generated data is important to
determine the
processing methods. One way to minimize the privacy impact is to minimize
the
collection of personal information in the first place and to limit the
retention of that data for further processing. To protect the privacy data,
some methods can be adopted, e.g. de-identification, anonymous, encryption.

Example: There are a number of classification schemes
that can be used to achieve this process step, but in general we should
determine: why the data is collected, what is the primary purpose for the
processing, where it is being transferred or stored and how long it is
being
retained. In addition, the anonymity characteristic or the degree that the
individual associated with the personal data can be identified, linked to,
or
named through observing the network traffic containing the data, needs to
be
classified (that is, the personal data, in fact, personally identifiable
information or PII). Personal data is classified as identified,
identifiable
and non-identifiable. In addition, a classification of sensitive
identifiable
should be considered.


Thanks,

Kind Regards
Kepeng

>
>> Begin forwarded message:
>> 
>> From: Christine Runnegar <runnegar@isoc.org>
>> Subject: Fwd: Save the date - PING at IETF - Thursday 23 July
>> Date: 15 July 2015 9:57:12 am GMT+2
>> To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
>> Resent-From: <public-privacy@w3.org>
>> 
>> PING and friends,
>> 
>> We will be meeting in the Rokoska room between 11:30 and 13:00 on
>>Thursday 23 July 2015.
>> 
>> Anyone with an interest in privacy is welcome. Bring your friends!
>> 
>> Please let us know (off list) if you plan to attend.
>> 
>> The main topic will be the draft TAG privacy and security questionnaire:
>> 
>> https://w3ctag.github.io/security-questionnaire/
>> 
>> Link to the PING working document:
>> 
>> https://www.w3.org/wiki/Privacy_and_security_questionnaire
>> 
>> Useful background reading:
>> 
>> DRAFT - Fingerprinting guidance -
>>https://w3c.github.io/fingerprinting-guidance/
>> DRAFT - Privacy considerations -
>>https://w3c.github.io/privacy-considerations/
>> DRAFT - Specification Privacy Assessment - http://yrlesru.github.io/SPA/
>> 
>> Please note that this will be a ¡°bring your own lunch¡± meeting
>> 
>> Christine and Tara
>> 
>>> Begin forwarded message:
>>> 
>>> From: Christine Runnegar <runnegar@isoc.org>
>>> Subject: Save the date - PING at IETF - Thursday 23 July
>>> Date: 10 June 2015 7:59:29 am GMT+2
>>> To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
>>> Resent-From: <public-privacy@w3.org>
>>> 
>>> Hi all,
>>> 
>>> We will be again organising an informal PING and friends get-together
>>>alongside IETF.
>>> 
>>> Please join us on Thursday 23 July 2015 during the lunch break.
>>> 
>>> (Precise meeting time and location to be advised)
>>> 
>>> Christine and Tara
>> 
>
Received on Thursday, 30 July 2015 01:15:09 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 30 July 2015 01:15:10 UTC