w3ctag / privacy-principles

https://w3ctag.github.io/privacy-principles/

Please copy edit acting on data section #406

Closed chaals closed 4 months ago

chaals commented 4 months ago

The sentence

If a person could reasonably be identified or re-identified through the combination of data with other data, then that data is personal data.

is hard to understand, and in particular it is unclear what the final instance of "data" actually refers to.

darobin commented 4 months ago

Data data data data person data data data data data personal data. I don't see what the problem is @chaals.

Is this better: "If data could be combined with another data source to reasonably identify or re-identify someone, then that data is personal data."?

chaals commented 4 months ago

The problem is identifying whether the thing described as personal data is the "data that could be combined", the "other data", both when combined, each of them individually a priori, or something else.

So no, rephrasing as

If data could be combined with another data source to reasonably identify or re-identify someone, then that data is personal data.

doesn't solve the problem.

jyasskin commented 4 months ago

I think both the data and the other data each individually wind up being personal data, since "combining" is commutative on data. +1 that the phrasing is confusing. I also think the concept itself is confusing and not fully captured by any definition I've seen, since "the moon is round" can be combined with "Person X is Jeffrey Yasskin" to identify me. Since people with much greater expertise have failed to make this clear, I think we gave up on trying to do better than them.

chaals commented 4 months ago

Hmm. So that sort of matches what I am thinking.

Data that is sufficient to identify a specific person is "Personal Data". This can be directly gathered, or created by collecting information from more than one source and merging it to provide more detail.

The problem is that people generally have no concept of consent to the merging of different data sources, and no real ability to manage the process, for example to exercise any legal rights they have, nor even to express an opinion on their wishes.

I'm not sure that really comes out in the document, although the explanations of how unrealistic it is for people to manage their privacy individually hint at it.