| 1 |
On Wed, Jun 20, 2018 at 7:12 AM Kristian Fiskerstrand <k_f@g.o> wrote: |
| 2 |
> |
| 3 |
> On 06/20/2018 12:52 PM, Rich Freeman wrote: |
| 4 |
> > On Wed, Jun 20, 2018 at 4:32 AM Michał Górny <mgorny@g.o> wrote: |
| 5 |
> >> |
| 6 |
> >> Please tell me, how many times did we have to disambiguate two |
| 7 |
> >> developers using the same name? Even if we ever have to do that, do you |
| 8 |
> >> really think we'd use one's birthday all over the place? |
| 9 |
> > |
| 10 |
> > Even if we've had two people from the same location with the same |
| 11 |
> > name, WHY would we ever have to use their date of birth to identify |
| 12 |
> > them? We already have their nicks which is what we use internally, |
| 13 |
> > and those are always unique. |
| 14 |
> |
| 15 |
> One morbid example would be someone getting a stone in the back of their |
| 16 |
> head, at which point the nick will likely not help much... But the |
| 17 |
> underlying need is likely to arise more due to other circumstances for |
| 18 |
> needing to contact, say a retired dev needs to provide evidence in a |
| 19 |
> copyright case and we need to track them down to get said statement. |
| 20 |
|
| 21 |
The "underlying need" is what I'm getting at. Do we REALLY need to |
| 22 |
track developers post-retirement? If we do, is DOB really the best |
| 23 |
way to do this? |
| 24 |
|
| 25 |
And what are we going to do when some retired developer asks us to |
| 26 |
forget about them? I don't think legally we need to go retract |
| 27 |
published info, but that DOB seems very much the sort of thing that |
| 28 |
would be risky to hold on to if somebody explicitly told us they don't |
| 29 |
want us to retain it. We'd probably need justification to do so. |
| 30 |
|
| 31 |
> > |
| 32 |
> > As far as I'm aware, under most privacy laws and policies I've seen, |
| 33 |
> > name+DOB is just as sensitive as a government ID number. If |
| 34 |
> > collecting the latter makes you recoil in horror, then you should be |
| 35 |
> > just as concerned about DOB collection. |
| 36 |
> |
| 37 |
> I'm not, but views of truestees might differ on that; we have reasons to |
| 38 |
> collect it, it is part of recruiting process known to developer, so the |
| 39 |
> legal matter wouldn't be on the collecting part but the storage part, |
| 40 |
> and here they differ quite a lot in practice (although it shouldn't as |
| 41 |
> even SSN is just a Primary Key in theory). |
| 42 |
|
| 43 |
WP has what appears to be a decent article, and it lists DOB as |
| 44 |
explictly personally-identifying: |
| 45 |
https://en.wikipedia.org/wiki/Personally_identifiable_information |
| 46 |
|
| 47 |
The US law explicitly lists DOB (cited there): |
| 48 |
Information which can be used to distinguish or trace an individual's |
| 49 |
identity, such as their name, social security number, biometric |
| 50 |
records, etc. alone, or when combined with other personal or |
| 51 |
identifying information which is linked or linkable to a specific |
| 52 |
individual, such as date and place of birth, mother’s maiden name, |
| 53 |
etc. |
| 54 |
|
| 55 |
It goes on to cite the EU: |
| 56 |
Article 2a: 'personal data' shall mean any information relating to an |
| 57 |
identified or identifiable natural person ('data subject'); an |
| 58 |
identifiable person is one who can be identified, directly or |
| 59 |
indirectly, in particular by reference to an identification number or |
| 60 |
to one or more factors specific to his physical, physiological, |
| 61 |
mental, economic, cultural or social identity; |
| 62 |
|
| 63 |
You brought up the scenario of tracking somebody down in the real |
| 64 |
world. It seems to me that if we actually collect enough info to be |
| 65 |
able to do this, then by definition we fall directly in the crosshairs |
| 66 |
of both. |
| 67 |
|
| 68 |
I'd start with the underlying issue: do we need to identify specific |
| 69 |
individuals and retain this identity? What exactly do we need |
| 70 |
(starting from zero), and what is the least amount of info we need to |
| 71 |
collect to get there? |
| 72 |
|
| 73 |
My understanding is that these are the basic principles of most modern |
| 74 |
privacy law, and if we stick to those we'll probably be fairly safe as |
| 75 |
these laws change (assuming we sufficiently protect the info we do |
| 76 |
need to collect). |
| 77 |
|
| 78 |
The principles cited in that article actually raise other thorny |
| 79 |
issues as well, such as name+location if the name is unique enough. I |
| 80 |
couldn't begin to tell you whether half of Oslo are named |
| 81 |
Fiskerstrand, or if you're the only one in the phone book. |
| 82 |
|
| 83 |
-- |
| 84 |
Rich |
Archives