- From: Rigo Wenning <rigo@w3.org>
- Date: Tue, 16 Oct 2012 15:48:22 +0200
- To: public-tracking@w3.org
- Cc: David Wainberg <david@networkadvertising.org>, Alan Chapell <achapell@chapellassociates.com>, Shane Wiley <wileys@yahoo-inc.com>, Vincent Toubiana <v.toubiana@free.fr>, Jeffrey Chester <jeff@democraticmedia.org>, Jonathan Mayer <jmayer@stanford.edu>
David, On Saturday 13 October 2012 09:30:00 David Wainberg wrote: > Security solves for a particular problem: > unauthorized access to data. We solve the problem of unauthorized making and access to a dossier made of more than one data item. There are parallels. > And there is an understanding of the > value or risk associated with the data to be protected, and the > security is scaled proportionally. We are not in this situation > here, even though we've asked many times to identify specifics. Users today make a risk judgment about the potential abuse of their data. The common opinion is that once it is out, data will be abused. The limits only lie within the creativity of the folks abusing the data. Conclusion: don't give them data. > Vincent recently raised one specific case -- access to server > logs in a civil legal proceeding -- which is very helpful for > discussion. It can help us to zero on the specific problems that > are applicable, and then focus on specific, reasonable solutions > to those problems. I'm truly baffled by the reluctance to do more > of this. Sure, retention times in one of those. If you have a certain k- anonymity and a certain effort to de-anonymize, the risk is mitigated and we can go back to the user and tell them that their fears are not justified. It is all about making trust for the market place... So yes, I agree. We have business needs and consumer fears. And we need to navigate in that matrix, also for the permitted uses. Rigo
Received on Tuesday, 16 October 2012 13:48:52 UTC