proposal ISSUE-188 ("unlinkable"): 3.6.1 - "render unlinkable"

The current editor's draft includes an option for the definition of unlinkable data in section 3.6.1. That text is:

> 3.6.1 Option 1: Unlinkable Data
> A party render a dataset unlinkable when it
> 1. takes commercially reasonable steps have been taken to de-identify data such that there is confidence that it contains information which could not be linked to a specific user, user agent, or device in a production environment
> 2. publicly commits to retain and use the data in unlinkable fashion, and not to attempt to re-identify the data
> 3. contracually prohibits any third party that it transmits the unlinkable data to from attempting to re-identify the data. Parties should provide transparency to their delinking process (to the extent that it will not provided confidential details into security practices) so external experts and auditors can assess if the steps are reasonably given the particular data set.

(I believe this to be based on contributions from Shane and others.  If somebody wishes to link this note back to the original proposal, that's welcome -- but optional.  The purpose of this message is to make sure that we have an easily-retrieved record of all options before the group.)

Thomas Roessler, W3C <> (@roessler)

Received on Wednesday, 14 November 2012 23:30:42 UTC