- From: John Simpson <john@consumerwatchdog.org>
- Date: Tue, 2 Apr 2013 12:09:52 -0700
- To: Shane Wiley <wileys@yahoo-inc.com>
- Cc: Dan Auerbach <dan@eff.org>, "public-tracking@w3.org" <public-tracking@w3.org>
- Message-Id: <40854AB1-C837-4F0E-B738-167390BC82DC@consumerwatchdog.org>
then what are you retaining and using the data for? On Apr 2, 2013, at 11:03 AM, Shane Wiley <wileys@yahoo-inc.com> wrote: > Dan, > > Once the one-way hash is applied (and other elements of record appropriately cleansed) the data is moved to a system that is not allowed to be accessed externally. Its these operational and administrative controls that are essential to ensure de-identified data is not re-identified at some later time. I believe you’re looking only at the technical merits which is only seeing a small portion of the overall solution. > > - Shane > > From: Dan Auerbach [mailto:dan@eff.org] > Sent: Tuesday, April 02, 2013 10:59 AM > To: public-tracking@w3.org > Subject: Re: de-identification text for Wednesday's call > > On 04/02/2013 08:50 AM, Shane Wiley wrote: > once the one-way hash function has been applied the data is never again able to be accessed in real-time to modify the user’s experience. > I think I'm confused, can you explain this more? How is this possible? If you are just hashing a cookie string, your web server receives a request that includes a cookie string, you hash that cookie string (which is in incredibly fast operation), match the hashed cookie against the stored data, and return personalized results. > > Or are you salting the hash differently for every request, or combining the cookie with an ephemeral piece of data (the timestamp) before hashing and then throwing away the timestamp? > > Thanks for clarifying, apologies if I'm just being dense. > > Dan > > > -- > Dan Auerbach > Staff Technologist > Electronic Frontier Foundation > dan@eff.org > 415 436 9333 x134
Received on Tuesday, 2 April 2013 19:10:25 UTC