Open jyasskin opened 4 years ago
npdoty
commented
4 years ago I'm not clear on what the particular threat is here with profile building. Is this about information collection that isn't in the separate sensitive information category? Or about noting the cumulative (or "mosaic") privacy threat of collection and correlation -- where a single piece of data might not appear to have effect when collected, but when combined it could have more consequential impacts?
jyasskin
commented
4 years ago I like your description of it as the cumulative privacy threat of collection and correlation.
The cross-site part of this came from a discussion about the differences between https://github.com/csharrison/conversion-measurement-api and https://github.com/WICG/ad-click-attribution, where the first allows the publisher to learn something about a particular user's behavior on another site, but the privacy impact of that learning doesn't clearly fall under any of the other high-level threats.
Preview | Diff