[Privacy-pass] The harms of popular bits

Watson Ladd <watsonbladd@gmail.com> Wed, 20 March 2024 13:26 UTC

From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 20 Mar 2024 06:26:37 -0700
Message-ID: <CACsn0ck4whpCv+nnHDVOaa-kEW4a7OMx1PgCpFpfdQb=gX0_sw@mail.gmail.com>
To: privacy-pass@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/Kn90pzy9NFS3cABhdrwnVI2-Hus>
Subject: [Privacy-pass] The harms of popular bits

Dear privacy pass WG,

I think the discussion of harms in the web context missed the issue, which
I'll admit was rather subtly presented. Issuers might not be issuing tokens
based on attributes like bot or not, but rather characteristics such as race
or religion we'd prefer not to. This even happens innocently.

Using private state tokens as an example, social networks and dating sites
have a lot of information about user interaction and humanity as a result.
But I don't think we want sites to hunt for tokens from dating sites that
may be oriented to particular demographics.

This can even happen unintentionally. If you have some sort of model
looking at how users interact based on the bits you have and then selecting
offers to show based on it, this can end up discriminating even though the
bit officially means human. It's just that who issued it reveals more than that,
even if they issue often.

I hope this clarifies the remarks I made at the mic.

Sincerely,
Watson