Issue-188 from Mike O'Neill on 2014-07-18 (public-tracking@w3.org from July 2014)

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Fri, 18 Jul 2014 20:30:23 +0100
To: <vtoubiana@cnil.fr>
Cc: <public-tracking@w3.org>, "'Roy T. Fielding'" <fielding@gbiv.com>
Message-ID: <0e6801cfa2be$ba3fc0e0$2ebf42a0$@baycloud.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Vincent,

What I was getting at was the text as is would allow data to be collected (into a record keyed by a unique identifier) as long as there was only one record (bit pattern whatever) per user device linked to the key. If the data retained contained a score (a low-entropy bit pattern categorising but not identifying the user) updated after every transaction (i.e. this user has visited n pages containing pregnancy information, m sites about fashion for young women  etc.) then the score could be updated and all the data other than the scores and keys discarded.

There would only be one “record” per user but the user is still being tracked and therefore profiled. I do not think this data-set could be regarded as de-identified (so that DNT could be ignored), although a case could be made for some intermediate state like the yellow state Shane and Rob were talking about i.e. “pseudonymous” PII, if we needed to go down that path.

I see from your reply to Roy that you did not mean that, and that the data-set should be incapable of being linked to another data-set, which I take to encompass data derived from a subsequent transaction. To allow session related UI, linking to data from subsequent transactions could be allowed within a duration of a few hours (say 2).

How about the following friendly amendment to make that clearer, would this be acceptable?

A data-set is de-identified when it is no longer possible to:
- - isolate any data which corresponds to a particular device or user,
- - link any such data with data derived from a transaction more than 2 hours later concerning the same device or user
- - deduce, with significant probability, information about a device or user.


Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
Charset: utf-8

iQEcBAEBAgAGBQJTyXXMAAoJEHMxUy4uXm2JCD0H+wWAbE8YZ7iNWETvjbLSuIBd
EGMlnxnPIJR3G0qJtOeAkqG8LbwNt55LldmQH/ncCXg2KoS5qKreAc8KFuzWV7DA
X49RLAqPCvjkP7+7omlQg7HnJ0ZLAQ/HXme79gciy5bI1Wbmq/ZI40cpfO+/REsV
oL0mnXhTEZzpf0APV5o00KBSEhU7UrSpJgD6anaIG8EGEWNydkxvdxrPz0bJ4Tdh
ptZdqKbdwz3v+c1jfQsdfvkrVST2WC3Hn+hgXs3xKe5qSMk8TRiokvEMac/vKTK2
xvf4RjdR6p5OBW8ui7Ec9LJJaHYzyUH4OUMPXErfEY0uPfG/yUBfA7n+DhLq5do=
=F8Bp
-----END PGP SIGNATURE-----

Attachments

text/html attachment: PGPexch.htm
application/octet-stream attachment: PGPexch.htm.sig

Received on Friday, 18 July 2014 19:31:05 UTC