-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
when is sharing data for some ancillary purpose consistent with privacy principles? #150
Comments
make principles about minimization and about asking users citations to Data Minimization finding listing current purposes UAs share outside of particular navigations senses of when these might be acceptable/willing/supportive why aggregation is useful for collective purposes, but not complete
Related: w3ctag/design-principles#368 |
I think we need to make a clear distinction between ancillary data that is not available by other means, and ancillary data that is 1:1 equivalent with other data that's available to the web site for functional purposes. The former is purely ancillary, while the latter is somewhat different. |
Ancillary uses of data is somewhat independent of what data is accessed (that is, data itself isn't ancillary or not). #182 is proposed for handling cases where data is otherwise available (either currently or indefinitely). |
#216 is proposed to revise answers to this question. |
Agreed to close due to imminent merger of #216. |
SHA: 3ce4a2b Reason: push, by jyasskin Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
There seem to be open questions about when it might be acceptable and consistent with a privacy threat model for the Web for some data to be shared about a user's actions that isn't directly necessary for the user's current action.
This might be to enable some generally beneficial ancillary functionality, or for harm reduction purposes (alternatives to more invasive data collection that will happen otherwise), or where it's just not feasible to minimize data in the short/medium term.
Examples could include:
User-Agent
string/hints used for analyticsThis discussion was prompted in part by #133 (introducing a principle on not sharing data unless necessary for overt immediate goals) and in part by text around collective privacy/governance. #121 may also be an example.
The text was updated successfully, but these errors were encountered: