- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Wed, 15 May 2013 21:23:07 +0000
- To: "Mike O'Neill" <michael.oneill@baycloud.com>, "'John Simpson'" <john@consumerwatchdog.org>
- CC: "rob@blaeu.com" <rob@blaeu.com>, "'Tracking Protection Working Group'" <public-tracking@w3.org>
Mike, The tri-state de-identification process attempts to solve for a middle ground such that activity can be collected against a persistent identifier but that identifier is not able to connect to devices/users in the real-world so profiling/targeting to an actual data subject does not occur. There is some risk in this model so to further remove that risk a third state is defined that removes the persistence in identifiers (or removes the identifiers completely) so there is no/less risk of re-identification. - Shane -----Original Message----- From: Mike O'Neill [mailto:michael.oneill@baycloud.com] Sent: Wednesday, May 15, 2013 2:05 PM To: 'John Simpson'; Shane Wiley Cc: rob@blaeu.com; 'Tracking Protection Working Group' Subject: RE: ISSUE-198: Define new word for yellow state due to the fact that the process of de-identification spans all three states (red,yellow and green). I think these multi-coloured data types are really a red herring. The reality is that tracking, aka collecting someone's web history over time and across multiple domains, needs a unique identifier somehow stored in the UA or it uses the IP address. Currently, in the vast majority of cases, the identifier is encoded in a cookie but it could also be held in localStorage or the cache (IP addresses are usually unsuitable because they are often shared with others and change over time - when IPv6 becomes the norm they will use the anonymous form and last only a few hours) Because browsers are increasingly blocking third-party cookies, in the near future tracking identifiers will be held in localStorage or in first-party cookies which are then shared with third-parties. If this identifier has a long persistence, i.e. it lasts for months or years, then the UA can be recognised on subsequent visits over that period, i.e. the user's device/browser session is being singled-out. The data collected may be stripped of immediately identifying characteristics but it can still be used to determine a single profiling data point. If the identifier is not deleted or otherwise limited to a short duration then these data points will be chained together over time and used to profile the individual. A Do Not Track signal should be seen as an explicit indication that the individual requires this not to happen. Mike -----Original Message----- From: John Simpson [mailto:john@consumerwatchdog.org] Sent: 15 May 2013 20:51 To: Shane Wiley Cc: rob@blaeu.com; Tracking Protection Working Group Subject: Re: ISSUE-198: Define new word for yellow state due to the fact that the process of de-identification spans all three states (red,yellow and green). Shane, I'm not sure I follow how raw data equates with pseudonymous data. Could you please point me to definitions you're using so I can better understand what you mean here. Thanks, John On May 15, 2013, at 12:40 PM, Shane Wiley <wileys@yahoo-inc.com> wrote: > Rob, > > I strongly disagree and believe based on the current definitions of pseudonymous being considered in the EU context, data in the Red area can meet this definition. Similarly, yellow data meets the definition of de-identified in both the FTC and DAA contexts - whereas "Unlinked" is a bit more debatable. > > So I believe it's still appropriate to define these as: > > Stage 1: Raw/Pseudonymous > Stage 2: De-Identified > Stage 3: Unlinkable (or simply - Out of Scope) > > As these terms has highly loaded in the regulatory context there will continue to be significant sensitivity to naming conventions here. This is similarly true of the color scheme proposed due to the immediate traffic light connotations it invokes (green = good, yellow = caution, red = bad). I was okay (not happy) with using colors in this manner but don't believe it's fair to over bias the definitions of each phase based on an overly conservative read of existing definitions. > > - Shane > > -----Original Message----- > From: Rob van Eijk [mailto:rob@blaeu.com] > Sent: Wednesday, May 15, 2013 12:03 PM > To: Tracking Protection Working Group > Subject: ISSUE-198: Define new word for yellow state due to the fact > that the process of de-identification spans all three states (red,yellow and green). > > > Dear group, > > As discussed at the Face to Face and a previous thread [1], there is confusion on the word de-identified data. We discussed the three state model, that I introduced in Cambridge. The FTC text defines unlinkability in terms of de-identification, which makes the term de-identified applicable for the green state. The DAA text Due to the fact that the process of de-identification spans up to the green state when data is considered unlinkable, I would like to propose a new term for the yellow domain. > > <text proposal> > > red data: raw data, event level data > yellow data: pseudonumous data > green data: de-identified data > > </text proposal> > > > [1] > http://lists.w3.org/Archives/Public/public-tracking/2013Mar/0147.html > > Tracking Protection Working Group Issue Tracker schreef op 2013-05-15 > 20:47: >> ISSUE-198: Define new word for yellow state due to the fact that the >> process of de-identification spans all three states (red,yellow and >> green). >> >> http://www.w3.org/2011/tracking-protection/track/issues/198 >> >> Raised by: >> On product: >
Received on Wednesday, 15 May 2013 21:36:06 UTC