I don't find it excessively nitpicky. It's relevant. Please elaborate. It seems that somewhere the data has to be associated in some way with a distinct user. On 10/27/11 1:14 PM, Jonathan Mayer wrote: > Fragmented or probabilistic tracking data might not be stored with a > hash or other single identifier. The privacy risk would, of course, > be the same. (I don't mean to be excessively nitpicky - a few months > ago my team looked at a third party doing fingerprinting of just this > sort.) > > On Oct 27, 2011, at 9:02 AM, David Wainberg wrote: >> >>> On Oct 25, 2011, at 2:13 PM, David Wainberg wrote: >>> >>>> >>>> On 10/24/11 8:18 PM, Jonathan Mayer wrote: >>>>> >>>>> I would strongly oppose limiting our definition of tracking to >>>>> only cover pseudonymously identified or personally identified >>>>> data. There are a number of ways to track a user across websites >>>>> without a single pseudonymous or personal identifier. >>>> I'm not sure what you mean here. Can you provide examples? >>> Any means of tracking that relies on fragmented or probabilistic >>> information. For example, browser fingerprinting. (See Peter >>> Eckersley's paper "How Unique Is Your Web Browser.") >> Ah. I would have included that in pseudonymously identified, because >> if data is stored against it by the server, it will be stored against >> a hash or something based on the fingerprint. >
Received on Thursday, 27 October 2011 19:31:26 UTC