- From: Fiona Walsh <Fiona.Walsh@avenuea.com>
- Date: Wed, 29 Nov 2000 17:16:10 -0800
- To: www-p3p-policy@w3.org
I've been assisting our client's with policy generation, and have some questions about the <NON-IDENTIFIABLE/> attribute. The spec. states " <NON-IDENTIFIABLE/> This is an element that can only be present in the statement, if there is no data or no identifiable data collected. Data is seen as non-identifiable in the sense of the present specification, if there is no reasonable way for the entity or a third party to attach the collected data to the identity of natural person. " Nearly all of our clients' sites have some persistent means of storing state @ an individual level (cookiesID, customerID, transactionID etc). It seems reasonable to say that all these data elements could be attached by our client's or by a third party to the identity of a natural person. First, in the above statement when we state "attach", do we mean linking using data collected by any method, HTTP or other? Second, is it therefore reasonable to say that most sites that store state @ an individual level can not use the <NON-IDENTIFIABLE/> attribute? fi
Received on Wednesday, 29 November 2000 20:17:04 UTC