On 2014-08-29, 11:59 AM, Gervase Markham wrote:
On 29/08/14 16:54, Majken Connor wrote:
Your train of thought seems dangerously similar to "if you've got nothing
to hide then you've got nothing to be worried about" which is definitely
NOT Mozilla's policy on privacy and so I think is irrelevant here.
That's not my train of thought at all. I am merely trying to get people
to climb down from the "but, but, but... the NSA! And National Security
Letters!" perch and do some realistic risk analysis.
A proper risk analysis is not very easy here because of the number of
the unknown factors (what information the local government(s) might be
interested in, how they are going to tie the data obtained from us to
other data available through other means, and how much you trust the
specific government to not abuse the data obtained through a subpoena or
similar methods.) Dismissing the entire question based on the fact that
you don't find anyone interested in that you've "seen an tile for the
New York Times 133 times" is not very helpful. But please read on...
From other posts in this thread, it seems to me that we need a bit more
detail about how the tiles reporting service operates and what data it
retains before we can do such analysis. For example, it only just came
out that we aren't storing individual IP-linked records long-term. That
makes a big difference, because it means that it's not going to be
possible for someone to send us a subpoena which says "Tell us every
tile users from IP 12.34.56.78 clicked on in the past 6 months".
Yes, that alleviates most of my concerns (thanks to Bryan for noting
it). Basically I think this means that we cannot be requested for any
personally identifiable information through tiles.
Cheers,
Ehsan
_______________________________________________
governance mailing list
[email protected]
https://lists.mozilla.org/listinfo/governance
