00:31:08 dsinger has joined #dntc 02:22:46 npdoty has joined #dntc 16:45:22 RRSAgent has joined #dntc 16:45:22 logging to http://www.w3.org/2013/02/12-dntc-irc 16:45:25 rrsagent, make record public 16:45:52 zakim, who is on the phone? 16:45:52 On the phone I see Jonathan_Mayer, +1.646.654.aaaa, +1.617.253.aabb 16:49:30 ionel has joined #dntc 16:50:05 board: the questions from http://www.w3.org/wiki/Privacy/DNT-Breakouts 16:50:40 plus the FTC definition: data is not “reasonably linkable” to the extent that a company: (1) takes reasonable measures to ensure that the data is de-identified; 16:50:40 (2) publicly commits not to try to reidentify the data; and 16:50:40 (3) contractually prohibits downstream recipients from trying to re-identify the data. 16:51:12 speaking about 3) - contractually prohibits… 16:51:47 ed: a concern may be under 3) that if you make the data public you may not be in a position where you can have a contract 16:52:44 the case: a company is OK privacy-wise, but someone says - aha, you don't have a contract with the public under point 3) 16:53:15 ed: you can put it in terms of use 16:53:31 focusing on 1) 16:54:12 regarding examples - question 3 16:54:22 finding examples of OK and not OK 16:55:00 Lou: some of the stuff Thomas Schauf was presenting would provide some examples of OK 17:00:07 looking at t. schauf's slides to better understand pseudonyomous data 17:01:26 - +1.646.654.aaaa 17:01:43 jmayer - short term browsing history is no privacy concern is probably undermined by research at this point 17:02:54 ed: browser history linked to a cookie id is not unlinkable data 17:05:00 ionel: not sure why as using a random id then a "transformed" id linked to the same data is basically the same thing 17:05:09 lou: what is the problem we're trying to solve> 17:05:10 ? 17:05:39 what is the privacy harm after we take the PII out? 17:05:51 ed: remaining info can be potentially be linked back to the user 17:06:14 ed: question is the level to go to to actually be unidentifiiable 17:07:06 each harm will have different risk mitigation techniques 17:07:52 we're in a scenario where we're trying to override a choice by being sure that the user's data is not going to be compromised 17:08:20 jmayer: focus is on understanding cases where privacy risks are not there 17:08:51 we can avoid the harm discussion for the purposes of deidentification 17:08:59 lou: are we defining "not tracking"? 17:09:01 ed: no 17:09:31 we're trying to say confidently that whatever the user was trying to do when activating DNT is not affected 17:10:17 chris: browsing history can include sensitive info 17:15:32 on the board: not compliant - still have PII 17:17:22 jmayer: do we have consensus that if any of the urls happen to have usernames, names, etc, then this info is not unidentifiable? 17:17:25 lou: yes 17:17:49 jmayer: if we have a reasonable risk that pii is iincluded, can you count that info as not unidentifiable or not? 17:18:27 example: you collect a bunch of stuff and you know that this may include usernames or email addresses 17:19:04 lou - don't know 17:19:28 ed: is there a justifiable level of justified confidence that the URL does not include info that could lead back to the user? 17:25:00 chris: I've heard some consumer groups saying that a URL history by itself may pose threats even without PIIs 17:25:33 lou: in the sensitive stuff we take the PII out 17:25:51 ed: for people compliant with DAA 17:26:01 Lou: we look at the whole market 17:26:08 so it would apply to the market 17:27:37 -Jonathan_Mayer 17:27:39 ed: the URLs may have all kind of info packed into them 17:27:57 +Jonathan_Mayer 17:28:58 one easy example is to connect this data to a cookie id that is still alive 17:30:06 lou: how easy is to infer info from the URLs? 17:35:03 jmayer: the point of the category is to set aside business concerns, legal concerns 17:35:43 lou: I agree - once we get to the definition and get the PII out we get to the clear road of "this is what we're looking for" 17:37:54 Chris: I can understand the argument that sometimes it can contain PII, although in practice it may be difficult 17:38:05 ed: hard in practice to identify what's sensitive in the URL history 17:40:31 jmayer: removing PII and would probably be not enough either 17:42:34 lou: we also need to look at the contractual obligations - we don't want to go into the same trap as with P3P 17:43:31 the definition on board speaks to that: for a good actor this is something they live on, and for a bad actor FTC takes care of it 17:43:50 ed: but even in the room we haven't agreed on some of the meanings in some cases 17:49:13 board: url history alone, unless there's a reasonable level of justified confidence that history does not contain any identifier 17:49:32 means not compliance 17:56:36 question 4: should the discussion mention pseudonymous data or we should just talk about the definition, or do we define pseudonymous data as such 17:57:27 ts has joined #dntc 17:58:14 - +1.617.253.aabb 17:58:15 -Jonathan_Mayer 17:58:15 Team_(dntc)16:00Z has ended 17:58:15 Attendees were Jonathan_Mayer, +1.646.654.aaaa, +1.617.253.aabb 18:18:51 fielding has joined #dntc 18:19:53 rrsagent, draft minutes 18:19:53 I have made the request to generate http://www.w3.org/2013/02/12-dntc-minutes.html fielding 18:20:33 rrsagent, make logs world-visible 18:26:11 Meeting: TPWG F2F Breakout Group C 18:27:05 rrsagent, draft minutes 18:27:05 I have made the request to generate http://www.w3.org/2013/02/12-dntc-minutes.html fielding 18:31:19 dsinger has joined #dntc 18:51:03 ionel has joined #dntc 18:55:54 Zakim has left #dntc 19:06:10 npdoty has joined #dntc 19:10:59 ionel has left #dntc 19:27:10 rrsagent, please draft minutes 19:27:10 I have made the request to generate http://www.w3.org/2013/02/12-dntc-minutes.html npdoty 19:27:19 rrsagent, make logs public 20:16:18 npdoty has joined #dntc 20:32:17 npdoty has left #dntc 21:06:25 dsinger has left #dntc