W3C home > Mailing lists > Public > public-tracking@w3.org > August 2014

Re: Deidentification (ISSUE-188)

From: Roy T. Fielding <fielding@gbiv.com>
Date: Tue, 26 Aug 2014 11:57:18 -0700
Cc: "public-tracking@w3.org WG" <public-tracking@w3.org>
Message-Id: <946DA8F4-68B7-4D53-A964-FADDCC452865@gbiv.com>
To: David Singer <singer@apple.com>
I am still in favor of a short definition that makes it very clear what
we want to achieve in terms of limiting the data.  If folks want to place
additional requirements on a party, separate from the definition of the
state we want the data to be in, then I think that should be discussed
and agreed on separately.

To that end, I have replaced my proposal with the following:

   Data is permanently de-identified when there exists a high level
   of confidence that no human subject of the data can be identified,
   directly or indirectly, by that data alone or in combination with
   other retained or available information.

If adopted, we would replace all occurrences of "de-identif(y|ied|ying)"
in TCS and TPE with permanently de-identified.

Rationale:

I adopted David's "permanently de-identified" to avoid the association
with re-identifiable data and added "combination with other retained ...
information" to exclude holding onto a key for re-identification.

I replaced "user" with "human subject of the data", since we also want
to remove data provided by the user that (inadvertently) is about
others (what most statistic-based data trimming does automatically).
However, we don't want to remove data which might be about a human
who is not the subject (e.g., recording the number of distinct visitors
to my blog is data about the visitors, not about me).

I use "directly or indirectly" to indicate that this includes anything
that might end up identifying a human subject, no matter how.
If someone thinks we should have specific text about identifiers on
user agents or devices, that can be a non-normative example without
weakening this definition.


Cheers,

Roy T. Fielding                     <http://roy.gbiv.com/>
Senior Principal Scientist, Adobe   <http://www.adobe.com/>
Received on Tuesday, 26 August 2014 18:57:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:40:12 UTC