- From: Rigo Wenning <rigo@w3.org>
- Date: Thu, 30 Nov 2000 15:11:35 +0100
- To: www-p3p-policy@w3.org
The definition of this was taken and modified from the whereas Nr. 26 of the European Data Protection Directive, which says:

(26) Whereas the principles of protection must apply to any information concerning an identified or identifiable person; whereas, to determine whether a person is identifiable, account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the said person; whereas the principles of protection shall not apply to data rendered anonymous in such a way that the data subject is no longer identifiable; whereas codes of conduct within the meaning of Article 27 may be a useful instrument for providing guidance as to the ways in which data may be rendered anonymous and retained in a form in which identification of the data subject is no longer possible

We didn't want all the overhead of this statement. But we wanted to give services, which are especially privacy friendly, the chance to show that in P3P. The tag is designed for them. If Lorrie says you'll have at least to truncate the URI in the logs, this is her approach to say, it is not reasonably possible to get the identity of a user, if there are truncated URIs. Additionally, you'll have to explain the measures taken in the human-readable policy.

Best,

Rigo

On Wed, Nov 29, 2000 at 05:16:10PM -0800, Fiona Walsh wrote:
>
> I've been assisting our clients with policy generation, and have some
> questions about the <NON-IDENTIFIABLE/> attribute.
> The spec. states
> "
> <NON-IDENTIFIABLE/>
> This is an element that can only be present in the statement, if
> there is no data or no identifiable data collected. Data is seen as
> non-identifiable in the sense of the present specification, if there is no
> reasonable way for the entity or a third party to attach the collected data
> to the identity of natural person.
> "
>
> Nearly all of our clients' sites have some persistent means of storing state
> @ an individual level (cookiesID, customerID, transactionID etc).
> It seems reasonable to say that all these data elements could be attached by
> our clients or by a third party to the identity of a natural person.
>
> First, in the above statement when we state "attach", do we mean linking
> using data collected by any method, HTTP or other?
> Second, is it therefore reasonable to say that most sites that store state @
> an individual level can not use the <NON-IDENTIFIABLE/> attribute?
>
> fi
>
Received on Thursday, 30 November 2000 10:24:49 UTC