From 48cab06d9d8e352e6674306e013babac7154aa50 Mon Sep 17 00:00:00 2001 From: Mykola Siusko <116563801+Msiusko@users.noreply.github.com> Date: Thu, 19 Oct 2023 14:59:12 +0200 Subject: [PATCH] Update w3p-03.md --- w3p-03.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/w3p-03.md b/w3p-03.md index 76cb5af..10ea9f4 100644 --- a/w3p-03.md +++ b/w3p-03.md @@ -9,6 +9,7 @@ - [Context](#Context) - [Privacy features to audit](#Privacy-features) - [Additional](#Additional) +- [Comments](#Comments) # Context @@ -26,7 +27,7 @@ This will significantly protect the general public from compromised services wit | Default privacy | enabled, not | | Privacy policies (data collection policies) | what data is collected & why; marking non-essential data collection practices | | Non-consent data collection practices | IP, wallet, balance etc | -| Anonymous set | data "profile" service reveal about you | +| Anonymity set | data "profile" service reveal about you | | Third-party privacy tech maturity | If service is a part of ecosystem - security audit company comments on core tech privacy (Ethereum, Waku) | | Traceability | How traceable are transactions | @@ -35,3 +36,7 @@ This will significantly protect the general public from compromised services wit | Feature | Observation | | ------------- | ------------- | Privacy risk | low, medium, high | + +# Comments +- there's a thin line between privacy & security, so we approach it like this: if privacy is compromised -> it becomes a security issue (threat) +- some privacy observations are ethical (like "compliance"), so tech companies couldn't say it's "good" or "bad" -> we will just highlight them on our public platform (like KYC, team reputation etc)