Re: June Change Proposal, de-identified

Hi Thomas and Roy,

I have added these two proposals to the wiki page collecting change proposals on deidentification: http://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Deidentification

Thomas, I modified your language slightly in a way that I believe is easier to read in a grammatical way, but isn't intended to change its apparent meaning.

Thanks,
Nick

On Jun 26, 2013, at 9:03 AM, Thomas Schauf <schauf@bvdw.org> wrote:

> On issue 188 the existing text in sec. 2.8 is pretty unclear: "has achieved a reasonable level of justified confidence"
> I would like to make a proposal which is more European/German legal language:
> 
> Data is deidentified when a party:
> 1. data that has been collected, altered or otherwise processed so that it of itself cannot be attributed to a data subject without the use of additional data which is subject to separate and distinct technical and organisational controls to ensure such non attribution, or that such attribution would require a disproportionate amount of time, expense and effort.
> 
> KR, Thomas
> 
> Thomas Schauf
> Head of European & International Affairs


> From: Roy T. Fielding [mailto:fielding@gbiv.com]
> Subject: June Change Proposal, de-identified
> 
> This is ISSUE-188
> 
> The definition of de-identified does not capture the discussion we had on list regarding anonymous data and the unnecessary burden of contracts.  It also uses old terms like "consumer" and "computer" that we don't need, and is phrased in terms of the process of de-identification (what a party must do) rather than the state of the data after de-identification has completed.
> 
> Existing text in Sec 2.8:
> ============================
> Data is deidentified when a party:
> 
> 1. has achieved a reasonable level of justified confidence that the data cannot be used to infer information about, or otherwise be linked to, a particular consumer, computer, or other device;
> 2. commits to try not to reidentify the data; and
> 3. contractually prohibits downstream recipients from trying to re-identify the data.
> ============================
> 
> Replacement:
> ============================
> A data set is considered de-identified when there exists a reasonable level of justified confidence that the data within it cannot be used to infer information about, or otherwise be linked to, a particular user.
> ============================
> 
> ....Roy

Received on Thursday, 27 June 2013 07:51:09 UTC