Copy-edit the Common Concepts section, except for the Recognition sub-section. #369
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2092,63 +2092,50 @@ | |
| [=people=] to refer to human beings, as a reminder of their humanity. When we use the term [=user=], | ||
| it is to talk about the specific [=person=] who happens to be using a given system at that time. | ||
|
|
||
| A <dfn data-lt="vulnerable">vulnerable person</dfn> in a particular [=context=] | ||
| is a [=person=] whose ability to make their own choices can be taken away more | ||
| easily than usual. Among other things, they should | ||
| be treated with greater default privacy protections and may be considered unable to | ||
| [=consent=] to various interactions with a system. | ||
| People can be vulnerable for different reasons, for example because they are children, | ||
| are employees with respect to their employers, are facing a steep asymmetry of power, | ||
| are people in some situations of intellectual or psychological impairment, are | ||
| refugees, etc. See [[[#vulnerability]]]. | ||
|
|
||
| ## Contexts {#context} | ||
|
|
||
| A <dfn>context</dfn> is a physical or digital environment in which [=people=] interact with other | ||
| [=actors=], and which the [=people=] understand as distinct from other [=contexts=]. | ||
|
|
||
| A [=context=] is not defined in terms of who owns or controls it. Sharing | ||
| [=data=] between different [=contexts=] of a single company can be | ||
| a [=privacy violation=], just as if the same data were shared between unrelated [=actors=]. | ||
|
|
||
| ## Server-Side Actors {#parties} | ||
|
|
||
| An <dfn>actor</dfn> is an entity that a [=person=] can reasonably understand as a single "thing" | ||
| they're interacting with. [=Actors=] can be [=people=] or collective entities like companies, | ||
| associations, or governmental bodies. | ||
|
|
||
| [=User agents=] tend to explain to [=people=] which [=origin=] or [=site=] provided the | ||
| web page they're looking at. The [=actor=] that makes or delegates decisions | ||
| about the content and [=data processing=] on this [=origin=] or [=site=] is | ||
| known as the web page's <dfn data-dfn-for="page">first party</dfn>. When a [=person=] | ||
| interacts with a part of a web page, the <dfn>first party</dfn> of that interaction | ||
| is usually the web page's [=page/first party=]. | ||
| However, if a different [=actor=] makes the decisions about how that part of the | ||
| page works, and a reasonable person with a realistic amount of time and energy would realize | ||
| that this other [=actor=] has this control, this other | ||
| [=actor=] is the [=first party=] for the interaction instead. | ||
|
|
||
| If someone captures data about an interaction with a web page, | ||
| the [=first party=] of that interaction is accountable for the way that data is [=processed=], | ||
| even if another [=actor=] does the processing. | ||
|
|
||
| A <dfn data-lt="third parties">third party</dfn> is any [=actor=] other than the | ||
| [=person=] visiting the website or the [=first parties=] they expect to be interacting | ||
| with. | ||
|
|
||
|
Comment on lines
-2144
to
-2151
There was a problem hiding this comment. Can we not revisit decisions we've discussed and made? See: There was a problem hiding this comment. We re-discussed this today and decided to keep the Vegas Rule out. |
||
| ## Acting on Data {#acting-on-data} | ||
|
|
||
| We define <dfn data-lt="data">personal data</dfn> as any information that is directly or | ||
|
|
@@ -2159,6 +2146,8 @@ | |
| [=identity=] as seen by a website, which makes it easier for an automated | ||
| system to store data about that [=person=]. | ||
|
|
||
| <aside class="example" id="example-identifiers" title="Identifiers"> | ||
|
|
||
| Examples of [=identifiers=] for a [=person=] can be: | ||
|
|
||
| * their name, | ||
|
|
@@ -2168,21 +2157,23 @@ | |
| * their location data, | ||
| * an online identifier such as email or IP addresses, | ||
| * browser fingerprints (based on a combination of | ||
| configuration characteristics), or | ||
| * factors specific to their physical, physiological, genetic, mental, economic, | ||
| cultural, social, or behavioral [=identity=], | ||
|
Comment on lines
2157
to
+2162
There was a problem hiding this comment. I'm not sure these are all actually identifiers. They're ways to identify people, but we've defined an identifier as a thing that got assigned to a person. There was a problem hiding this comment. As discussed today maybe these are characteristics rather than unique identifiers... There was a problem hiding this comment. Punting further discussion to #374. |
||
| * strings derived from other [=identifiers=], for instance through hashing. | ||
|
|
||
| </aside> | ||
|
|
||
| If a [=person=] could reasonably be identified or re-identified through the combination of [=data=] with other | ||
| [=data=], then that [=data=] is [=personal data=]. | ||
|
|
||
| [=People=] have <dfn>privacy</dfn> in a given [=context=] when [=actors=] in | ||
| that [=context=] follow that [=context=]'s principles when presenting | ||
| information and using [=personal data=]. | ||
| When the principles for that [=context=] are not followed, there is a | ||
| <dfn>privacy violation</dfn>. We say that a particular interaction is | ||
| <dfn data-lt="appropriately">appropriate</dfn> when the principles are followed | ||
| or <dfn data-lt="inappropriately">inappropriate</dfn> otherwise. | ||
|
|
||
| An [=actor=] <dfn data-lt="process|processing|processed|data processing">processes</dfn> data if it | ||
| carries out operations on [=personal data=], whether or not by automated means, such as | ||
|
|
@@ -2192,35 +2183,33 @@ | |
| destruction. | ||
|
There was a problem hiding this comment. Yikes! What parts of this do we actually need to list, and what parts could we simplify? There was a problem hiding this comment. We looked at this today and agreed we need to re-write. There was a problem hiding this comment. Left for discussion in #375. |
||
|
|
||
| An [=actor=] <dfn data-lt="share|sharing">shares</dfn> data if it provides it to any other | ||
| [=data controller=]. Note that, under this definition, an [=actor=] that provides data to its own | ||
| [=service providers=] is not [=sharing=] it. | ||
|
|
||
| An [=actor=] <dfn data-lt="sell|selling">sells</dfn> data when it [=shares=] the data in exchange | ||
| for something of value, even if that value isn't monetary. | ||
|
|
||
| The <dfn>purpose</dfn> of a given [=processing=] of data is an anticipated, intended, or | ||
| planned outcome of this [=processing=] which is achieved or aimed for within a given | ||
| [=context=]. A [=purpose=], when described, should be specific enough that | ||
| someone familiar with the relevant [=context=] could pick some | ||
| [=means=] that would achieve the [=purpose=]. | ||
|
|
||
| The <dfn>means</dfn> is the general way that data is [=processed=] to achieve a particular | ||
| [=purpose=], in a given [=context=]. [=Means=] are relatively abstract | ||
| and don't specify all the way down to implementation details. For example, for | ||
| the [=purpose=] of restoring a person's preferences, the [=means=] could be to | ||
| look up their identifier in a preferences store. | ||
|
|
||
| A <dfn>data controller</dfn> is an [=actor=] that determines the [=means=] and [=purposes=] | ||
| of data processing. Any [=actor=] that is not a [=service provider=] is a [=data controller=]. | ||
|
|
||
| A <dfn data-lt="data processor">service provider</dfn> or [=data processor=]: | ||
|
|
||
| * [=processes=] data on behalf of another [=actor=]; | ||
| * ensures that the data is only retained, accessed, and used as directed by that | ||
| [=actor=] and solely for the list of explicitly-specified [=purposes=] | ||
| detailed by the directing [=actor=]; | ||
| * may determine implementation details of the data processing in question but | ||
| does not determine the [=purpose=] for which the data is being [=processed=] | ||
| nor the overarching [=means=] through which the [=purpose=] is carried out; | ||
|
|
@@ -2270,7 +2259,7 @@ | |
| <dfn>Cross-site recognition</dfn> is [=recognition=] when the identities | ||
| are observed on different [=sites=]. In the usual case that the sites are | ||
| different [=contexts=], | ||
| [=cross-site recognition=] is [=inappropriate=] in the same cases as [=cross-context recognition=]. | ||
|
|
||
| <dfn>Same-site recognition</dfn> is when a single [=site=] [=recognizes=] a | ||
| [=person=] across two or more visits. | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Filed #373 to keep thinking about whether we need this at all.