Privacy/TPWG/Change Proposal Audience Measurement/Open Questions

From W3C Wiki

Questions from Ed Felten:

Re: "Must be pseudonymized before statistical analysis begins, such that unique key-coded data are used to distinguish one individual from another without identifying them". Questions about this:

  1. What does "identifying" mean in this text? (One might read "without identifying" as requiring that data be "de-identified" according to the definition that appears elsewhere in the spec. But if the data qualifies as de-identified then no permitted use is required here because the general safe harbor for de-identified data already applies. Alternatively, if "identifying" means something different here, then that should be spelled out.)
  2. What does "unique key-coded data" mean? Is the text about "unique key-coded data ..." meant to serve as a definition of "pseudonymized"? If so, it seems overly prescriptive, requiring one particular method that (purportedly) qualifies as pseudonymized. Alternatively, this text might be read as requiring a particular (purported) pseudonymization method. If so, why require this particular method?
  3. Why allow pseudonymization to be delayed until "statistical analysis begins"? Why not require pseudonymization to be done promptly when data is initially collected?

Re: the "independent certification process under the oversight of a generally-accepted market research industry organization that maintains a web platform providing user information about audience measurement research. This web platform lists the parties eligible to collect information under DNT standards and the audience measurement research permitted use ..."

  1. The authors appear to have a specific organization in mind. Which organization is that, and who runs it?
  2. What is the rationale for giving a particular organization control over the certification process and the ability to declare who is eligible to exercise this permitted use?