- From: Rigo Wenning <rigo@w3.org>
- Date: Thu, 01 Nov 2012 00:10:23 +0100
- To: public-tracking@w3.org
- Cc: Shane Wiley <wileys@yahoo-inc.com>, "ifette@google.com" <ifette@google.com>
Shane, IMHO, the data minimization principle and the purpose limitation we installed for permitted uses cut both ways. Only collect what is necessary and only keep it as long as you need it. So "graduate response" by saying I delete stuff that I don't need anymore is an expression of those principles. The issue is rather how much "more" will trigger the alarm bells of "unnecessary" collection. There is wiggle room and we can explore that. But I wouldn't assume we can disregard the collection limitation and just bet on the subsequent deletion. No easy answer there. Nick tries to put that in words. Not bad. What would you open up with which changes to Nick's wording? Rigo On Wednesday 31 October 2012 09:15:59 Shane Wiley wrote: > Would it be possible to look at “graduated response” in the > opposite direction as an element of data minimization? Collect > more data up-front (security, debugging, frequency capping) and > move to less data where possible as a “graduated response”. As I > stated in Amsterdam, attempting to operational-ize a technical > “graduated response” in the less->more sense is not a trivial > matter (if at all really possible in most circumstances), whereas > the opposite is much more doable.
Received on Wednesday, 31 October 2012 23:10:51 UTC