when is sharing data for some ancillary purpose consistent with privacy principles? #150

Closed
npdoty opened this issue Apr 20, 2022 · 6 comments

@npdoty
Collaborator

npdoty commented Apr 20, 2022

There seem to be open questions about when it might be acceptable and consistent with a privacy threat model for the Web for some data to be shared about a user's actions that isn't directly necessary for the user's current action.

This might be to enable some generally beneficial ancillary functionality, or for harm reduction purposes (alternatives to more invasive data collection that will happen otherwise), or where it's just not feasible to minimize data in the short/medium term.

Examples could include:

  • Reporting APIs, Beacon, performance measurements, debugging/troubleshooting
  • statistics on links clicked or advertising attribution
  • User-Agent string/hints used for analytics

This discussion was prompted in part by #133 (introducing a principle on not sharing data unless necessary for overt immediate goals) and in part by text around collective privacy/governance. #121 may also be an example.

npdoty added a commit that referenced this issue Jun 14, 2022
make principles about minimization and about asking users
citations to Data Minimization finding
listing current purposes UAs share outside of particular navigations
senses of when these might be acceptable/willing/supportive
why aggregation is useful for collective purposes, but not complete
@darobin darobin added the agenda+ Add to the next call's agenda. label Jun 27, 2022
@yoavweiss
Collaborator

Related: w3ctag/design-principles#368

@yoavweiss
Collaborator

I think we need to make a clear distinction between ancillary data that is not available by other means, and ancillary data that is 1:1 equivalent with other data that's available to the web site for functional purposes. The former is purely ancillary, while the latter is somewhat different.

@npdoty
Collaborator Author

npdoty commented Sep 28, 2022

Ancillary uses of data are somewhat independent of what data is accessed (that is, data itself isn't ancillary or not).

#182 is proposed for handling cases where data is otherwise available (either currently or indefinitely).

npdoty added a commit that referenced this issue Sep 28, 2022
* separate ancillary use subsection, split out from #170

* add definitions and principle about cluster of telemetry and analytics

* add fingerprinting note for telemetry and for user choices about telemetry

* update issue link #150 to reflect ongoing iteration
@torgo
Member

torgo commented Jan 11, 2023

We're closing this as we believe we addressed this in #184 and #182.

@torgo torgo closed this as completed Jan 11, 2023
@npdoty
Collaborator Author

npdoty commented Feb 22, 2023

#216 is proposed to revise answers to this question.

@npdoty npdoty reopened this Feb 22, 2023
@torgo
Member

torgo commented Feb 22, 2023

Agreed to close due to imminent merger of #216.

@torgo torgo closed this as completed Feb 22, 2023
github-actions bot added a commit that referenced this issue Feb 23, 2023
SHA: 3ce4a2b
Reason: push, by jyasskin

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>