Confirmed users
596
edits
MetricsDataPing: Difference between revisions
no edit summary
mNo edit summary |
No edit summary |
||
| Line 153: | Line 153: | ||
== Opt-in vs. Opt-out == | == Opt-in vs. Opt-out == | ||
=== Layman's Explanation | === Layman's Explanation === | ||
Opt-in: assumes each user is not in the data collection sample as default position, the user is requested to join via UX elements – thus the user action is to opt-in to the data collection process for some minimal period | Opt-in: assumes each user is not in the data collection sample as default position, the user is requested to join via UX elements – thus the user action is to opt-in to the data collection process for some minimal period | ||
| Line 183: | Line 183: | ||
== User identification == | == User identification == | ||
== UUID is PII == | === UUID is PII === | ||
Definition: | Definition: | ||
| Line 192: | Line 192: | ||
It is therefore regulated by European and German data protection laws and normally forbidden. | It is therefore regulated by European and German data protection laws and normally forbidden. | ||
=== Impact for user === | |||
From a user standpoint, it is irrelevant whether and how Mozilla uses the data, only that the data is sent. There can be | From a user standpoint, it is irrelevant whether and how Mozilla uses the data, only that the data is sent. There can be | ||
| Line 219: | Line 221: | ||
=== What to avoid === | === What to avoid === | ||
It should not include exact historic numbers either, because they, too, would allow to puzzle the numbers together and allow to again build a history of IP addresses for a given user. Similarly, the exact time of the previous submission would allow to piece submissions together and must not be submitted, but rather only the day (2011-02-12, not minutes or seconds). It must be impossible to match 2 submissions together, even when considering several parameters as a collection, see http://panopticlick.eff.org/ . | It should not include exact historic numbers either, because they, too, would allow to puzzle the numbers together and allow to again build a history of IP addresses for a given user. Similarly, the exact time of the previous submission would allow to piece submissions together and must not be submitted, but rather only the day (2011-02-12, not minutes or seconds). It must be impossible to match 2 submissions together, even when considering several parameters as a collection, see http://panopticlick.eff.org/ . | ||