On Oct 16, 2013 11:23 PM, "Steven Walling" swalling@wikimedia.org wrote:
On Wed, Oct 16, 2013 at 1:59 PM, Jaime Anstee janstee@wikimedia.org
wrote:
It was actually legal that identified it as a problem, but I think that
is being handled by good faith in people not releasing/pubishing cohort membership of any individual level data with identifiers. Many program leaders will be able to match different data points by user name also whereas most do not know what to do with the IDs (which made the IDs a bit more private) - Jaime.
If any person has access to user ids you should assume they also have
access to usernames. Both are public information. Assuming numeric ids are more private is security through obscurity.
I agree. And in this case the obscurity is really weak, we even provide the lookup tool.
/Jan
-- Steven Walling, Product Manager https://wikimediafoundation.org/
Analytics mailing list Analytics@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/analytics