RE: Deidentification (ISSUE-188) from TOUBIANA Vincent on 2014-07-16 (public-tracking@w3.org from July 2014)

From: TOUBIANA Vincent <vtoubiana@cnil.fr>
Date: Wed, 16 Jul 2014 18:19:17 +0200
To: <public-tracking@w3.org>
Message-ID: <01A1856C4999FF4287CCB37912A708EB073EBCDF@srv-cnilexc.cnil.fr>

I’d like to propose a definition of de-identification which is closer to the concept of anonymization defined in the Article 29 Opinion (http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp216_en.pdf).

 

A data-set is de-identified when it is no longer possible to: 

- isolate some or all records which correspond to a device in the dataset,

- link, at least, two records concerning the same device,

- deduce, with significant probability, the value of an attribute from the values of a set of other attributes.

 

The third criteria may -- in some cases -- go beyond de-identification but the first two are, in my opinion, required to limit re-identification risks.

 

Best regards,

 

Vincent Toubiana

 

 

De : Justin Brookman [mailto:jbrookman@cdt.org] 
Envoyé : mercredi 16 juillet 2014 04:47
À : public-tracking@w3.org (public-tracking@w3.org)
Objet : Deidentification (ISSUE-188)

 

All, I have updated the wiki (https://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Deidentification) to reflect what I *think* are the active change proposals on data minimization.  If I incorrectly culled yours --- or you wish to propose different language --- please let us know!

Received on Thursday, 17 July 2014 13:46:07 UTC