Difference between revisions of "Privacy"
m (→See Also) |
m (→See Also) |
||
Line 35: | Line 35: | ||
* [[Personal Data]] | * [[Personal Data]] | ||
* [[Non-personal Data]] | * [[Non-personal Data]] | ||
− | * [[ | + | * [[Online Harms]] |
== References == | == References == |
Latest revision as of 16:19, 24 June 2021
Privacy is a concept comprised of three components:
- Identifier directly or indirectly associated with a person and/or their internet-connected device
- Personal Data linked to this identifier (e.g., demographics, interests, geography)
- Use of the identifier and linked data to cause harm
Privacy Risks
Privacy risks can be reduced by appropriate measures addressing each of these components.
In relation to identifiers, privacy regulations recognize pseudonymization and de-identification of an identifier as reducing privacy risks to people.
In relation to information linked to the identifiers, privacy regulations recognize that sensitive information increases privacy risks. To ensure people understand such increased risk, privacy regulations often require enhanced notice and choice when processing directly-identifiable information or sensitive information.
In relation to the use of data, risks can be mitigated by consumer protection and data protection.
Gatekeeper's Privacy Definition
Some operating system and browser vendors define privacy quite differently from privacy regulations.
According to their definition, "privacy" is defined by preventing any personal information collected from a single origin from being shared beyond that origin, subject to three exemptions:
- the receiving origin is owned by the sending origin (e.g.,news.yahoo.com and sports.yahoo.com, or google.com and youbtube.com).[1]
- the organization collecting an individual's personal information from the origin is consumer software, which can transfer this personal data in modified form to other origins and organizations in support of a commercial reason not directly related to the reason people use this software. For example:
- A user agent (e.g., browser) that either minimizes or aggregates the individual’s personal information before sharing with other origins or organizations (e.g., FLoC).
- An operating system (e.g., app store) and either minimizes or aggregates the individual’s personal information before sharing it with other origins or organizations (e.g., Conversion Measurement API).
- the organization collecting an individual's personal information from the origin is involved operates a internet routing or caching service, which can transfer this personal data in modified form to other origins and organizations in support of a commercial reason not directly related to the reason organizations rely on this service. For example:
- A content delivery network (e.g., AMP) or proxy service (e.g., Gnatcatcher) and either minimizes or aggregates the individual’s personal information before sharing it with other origins or organizations.
Note this definition emphasizes corporate ownership, whether or not known by the individual whose data is collected. Under this definition, given Duracell and Geico are owned by the same organization they would be allowed to share data, while Energizer and Allstate would not.
This definition of privacy also emphasizes a technical aspect ("origin") rather than concepts that are more easily understood by the general public. More importantly the focus on origin, rather than what type of information is linked to what type of identifier, or how the data is being used, does not actually protect people from harm these vendors can cause.