Full Disclosure

[Peter Fairbrother]

Nicholas Bohm wrote:

> 
> ``Is the Phorm UUID personally identifiable data?''
> 
> I think it depends who is in possession of it.  When in the possession 
> of someone who can link it to what is undoubtedly personally 
> identifiable, then so is the UUID.

But does whether a piece of data is personally identifying depend on who 
has possession of it, and what other databases they have access to?

I don't see how it can - the first may be known, but the second can't be 
- or is there a law which says if you have x piece of information, you 
can't then get y piece of information, because y would make x personally 
identifiable?

I guess that you'd have to define three types of data, one completely 
non-identifying, one non-identifying without some other data, and one 
which makes the second type identifying.


My brain hurts

-- Peter