To this end of pseudonymization, we have been discussing in the Data Working Group room on Matrix about strategies to identify cohort groups of contributors, that do not single out a contributor or any individual, but still allow us to draw useful insights and learnings about the cohort groups.
One example I had is about event engagement at an event such as FOSDEM. For people who scanned a Fedora Badge at FOSDEM, were they already contributors or were they encountering Fedora for the first time? After the event, did people generally continue to contribute to the project or did they disappear and we never saw them again? I don't need any individual name or identity of a person, but knowing the general trends of the cohort would be useful and interesting for me. On Thu, Nov 13, 2025 at 12:51 PM Michael Winters via legal < [email protected]> wrote: > I should expand my request here to ask: are there any technical measures > / policies / licenses / etc which ought to be in place for Fedorans > working on these datasets? (This also brings up the question of "Who > *is* Fedora vs. who is *downstream of* Fedora?" Where do we draw the > line in an open community?) > > > I ask this because we are discussing these privacy concerns internally > and trying to find the best way forward. A few points here: > > - It's fairly straightforward to "pseudonymize" user activity, meaning, > we replace their usernames with a number (or similar). > - However, *somebody* needs to perform this work. So we need to know > under what conditions access can be granted (etc) to the original data. > > - Even with pseudonymization, it may be possible to identify individuals > by their activity. The only way to truly anonymize these datasets is to > aggregate them. > - However, we end up in the same position: *somebody* has to perform > the aggregation. And this needs to be done very carefully (ideally, > collaboratively) so that we can still extract the insights necessary to > guide our community management decisions. > > > Thanks, > > Michael Winters > -- > _______________________________________________ > legal mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- *Justin* (*he/him*) || 📧 [email protected] || 🔗 jwheel.org *Upcoming Absences:* 18 Nov–2 Dec (*Bereavement*) TZ=America/Atlanta (UTC-4) 🕗 *Fedora is a registered Digital Public Good <https://app.digitalpublicgoods.net/a/12003>* While I may be sending this email outside my normal office hours, I have no expectation to receive a reply outside yours.
-- _______________________________________________ legal mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
