See also: IRC log
<justin> scribenick> chapell
<justin> scribenick: chapell
scribenik, chapell
Brooks: De-identified means you
can't link identity to is
... de-intentified is a subset of unlinkable
... we should come as close to an english language def
... def: unlinkable means you can't link new info to the
record
... BMW enthusiast is a set of data --- you can't introduce a
new data segment to the set
that is unlinkable
justin: take a data set that has attributes that GTR, ESPN.com bought yankees tix --- but if you can't add additional data sets, is that a stronger def of de-identified
Brooks: yes
Haakon: def of personal data in eu is data that cannot be linked to.... so using the term unlinkable here might be problematic and seen as conflicting with eu law
brooks: compariing the difference between two poorly defined terms is not super helpful
Justin: there is a
difference
... if market research is a permitted use, then the
de-identifcation discussion becomes moot
... it is hard to call data de-identifed if there is a way to
tie it back (felton, eu regulators agree)
... the simple promise of not tying it back isn't really
enough
<haakonfb> http://www.w3.org/2011/tracking-protection/drafts/CambridgeBareBones.html#def-unlinkable
Justin: If the user pro-actively turns on DNT, then it seems like that market research companies should not be able to continue to conduct their market research under the de-identification premise
Brooks: what is specific and what is general in terms of consent? Comscore may obtain an out-of band consent
Justin: if we treat dnt1 users as
opted out of panels, people will have less trust in the #'s
provided by market research
... and this will in turn cause trust problems in the
marketplace
Haakon: def of unlinkable: he likes the def where the entity promises not to relink the data
Justin: likes option #1 if the first and third bracketed words taken out
takes reasonable steps to de-identify data such that there is high probability that it contains information which could not be reasonably linked to a specific user, user agent, or device [in a production environment]
Justin: in a production environment ---- you still have the cookie and put the data in a vault and promise not to look at it
brooks: to prove something de-identifiable you need to meet a really high (EFelton's) standard
Justin: the FTC report relied on
the term reasonable.
... likes the FTC approach.
... perhaps a narrower def of market research would be where we
end up
this standard won't solve the govt access problem
brooks: we need new terms here. every time we use exisiting terms, there's some other standard that is married to that term
justin: it would be helpful to understand how much value we'd lose by having more stringent data identification standards
group deliberating around the FTC's def of unlinkability
This is scribe.perl Revision: 1.137 of Date: 2012/09/20 20:19:01 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Found ScribeNick: chapell Inferring Scribes: chapell WARNING: No "Topic:" lines found. Default Present: MIT346 Present: MIT346 WARNING: Fewer than 3 people found for Present list! WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Got date from IRC log name: 12 Feb 2013 Guessing minutes URL: http://www.w3.org/2013/02/12-dnta-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]