Introduction: Privacy Subgroup Request for Policy/Legal Feedback

The W3C Digital Data Community Group is building a common data layer for web sites to be incorporated into browser technology. The Privacy Subgroup has formulated recommendations on how to tag the layer with metadata that would provide the site owner with actionable data to assist in the Privacy education and for Privacy technologies to apply an independent enforcement layer.

This consists of:•Categorizing Technologies Accessing the Data Layer•Fields to flag data as Private, Identifiable, or Sensitive

The Fields for flagging data within the layer are where we would appreciate your focus.

Privacy Metadata: Technology Categorization

• Users of the data layer will have the option to create custom categories, and associate technologies with those categories.

• An enforcement layer will be able to determine what technologies are authorized to access the data layer

• Users will have the option to tag individual data fields within the data layer for access by one or more categories.

e.g. Categories: » advertising (Adwords)» analytics(Google Analytics)» personalization (Baynote)» social (Facebook).

• Items in the shopping cart can be tagged for access by analytics or advertising, as appropriate.

Privacy Metadata: Flags

• Users of the data layer will be able to flag data elements to provide the information to provide additional access control. We would appreciate your organization’s legal and policy feedback on these definitions. (Questions are on following slides.)

– Private – Information that alone identifies a site visitor. (e.g. Personally Identifiable Information, or PII)

– Identifiable – Information that identifies a site visitor in some combination with other Identifiable information. Identifiable is intended to describe the superset of PII that includes non-PII information.

– Sensitive – Information that is not identifying, but could be sensitive, in that it should not be shared. (e.g. medication, condoms, firearms, etc.) This field would be an attribute added by the site owner, as the same piece of information might be sensitive in certain contexts and not others.

Our Chief Objective

To create a standard that is:– Concretely defined yet regulation-agnostic– Easy to understand, even by uneducated site owners– Actionable by site owners

Questions: Private Flag

1. Is Personally Identifiable Information (PII) a universally accepted, worldwide standard, or is it subject to regional precedent?

2. If PII is not a universal, worldwide standard, what is a definition for Private you apply to your properties in order to be covered in all jurisdictions where you do business? Please include a URL reference to any resource for that definition.

Questions: Identifiable Flag

1. Is Identifiable an actionable definition for site owners? Does the term convey urgency and purpose?

2. Does using Identifiable to describe fields within a data layer create confusion, since we would be defining a new term, rather than using a preexisting term like PII?

3. Would Identifiable according to the given definition be objective or subjective? Please refer to the data layer for examples.

InformationInformation

IdentifiableIdentifiable

PIIPII

Question: Sensitive Flag

1. Is Sensitive a separate, actionable definition for site owners? Does the term convey urgency and purpose?