Re: [ietf-privacy] Is there an official working definition for Privacy Online?

David Singer <singer@apple.com> Wed, 04 May 2016 23:53 UTC

From: David Singer <singer@apple.com>
In-reply-to: <029801d1a4b9$c3b57850$4b2068f0$@huitema.net>
Date: Wed, 04 May 2016 16:53:08 -0700
Content-transfer-encoding: quoted-printable
Message-id: <F285E90F-4E8B-47BE-A0BF-3A24212C39D9@apple.com>
References: <552FCC84.6040305@gmail.com> <CA+9kkMCYuEGRidB1D=SGA0qxk+SuX6+HyqToYDmqQVmpBskWrw@mail.gmail.com> <5530329E.4060608@dcrocker.net> <01F784DA-5FD5-4D1F-8613-C2E668EDA765@isoc.org> <55311CE9.9040003@dcrocker.net> <DB3PR07MB138A042321BB99DF9AB94A4BCE30@DB3PR07MB138.eurprd07.prod.outlook.com> <55313140.9040400@dcrocker.net> <015a01d0798d$509954c0$f1cbfe40$@huitema.net> <CABtrr-X6CgN3J0dA1YBED0j6K7D5Mt2NAbUwGF5E67BoFX9JUQ@mail.gmail.com> <57268D25.3070708@dcrocker.net> <029801d1a4b9$c3b57850$4b2068f0$@huitema.net>
To: ietf-privacy@ietf.org
X-Mailer: Apple Mail (2.3124)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/0nN7c3lpGvgRSVkwRyKIQhM10KE>
Cc: dcrocker@bbiw.net, Josh Howlett <Josh.Howlett@jisc.ac.uk>
Subject: Re: [ietf-privacy] Is there an official working definition for Privacy Online?

I agree, at the moment ‘privacy’ is defined roughly as the things you miss when you realize you have lost it, which is not a usable definition; but I also agree, we’re in the process of learning.

One of the big realizations I had as a result of the W3C workshop was that we tend to equate privacy with a lack of knowledge, i.e. if we could all be anonymous online, we’d be private, which, while true, leaves a whole load of questions unanswered.

In the physical world, there are a whole bunch of aspects to privacy that we intuitively understand (though they may vary by culture); it’s not hard to imagine situations where people would respond ‘you just don’t do that!’. Much real-world privacy respects context, for example (if you meet your therapist at a party, you know it’s him and he knows it’s you and you both know there are certain subjects you won’t talk about).  There are also aspects of degree (people don’t mind being an accidental inclusion in someone else’s photo snapshots, but they do mind if they are featured or a video continues to include them).

So, just as security has sub-areas, I would argue that privacy does: anonymization, data minimization, respect for context, degree/quantity, and so on.

Finally, I have long pleaded that those concerned with privacy but technology-unaware — philosophers, legislators, et al. — give us more insight into this question (“what is online privacy”) and say less about technologies, as I am confident that if we understood the field and the principles better, engineers would work out what that meant in engineering and technology terms.

> On May 2, 2016, at 14:29 , Christian Huitema <huitema@huitema.net> wrote:
> 
> On Sunday, May 1, 2016 4:12 PM, Dave Crocker wrote:
>> 
>> If the term is to be a non-technical and vague reference, then let's stop using it
>> as if it were a technical term.  Philosophical, academic and social terms are
>> fine; the problem is when we use them as if they pertained to technical
>> specifics.
> 
> Well, we do use the term "security" liberally, don't we? It is certainly
> just as vague, but it is useful as a section header. It encourages protocol
> designers to be concerned with the broad issue of security attacks. I think
> that we have consensus that protocol designers should also be concerned with
> the broad issue of privacy attacks.
> 
>> If we intend the term to have technical utility, it needs precise and useful
>> definition.
> 
> It took some time to establish categories for security attacks -- denial of
> service, information disclosure, spoofing, elevation of privilege, etc. The
> analysis of privacy attacks is not quite as advanced, but we start getting
> broad categories, such as disclosure of the exchanged data, disclosure of
> metadata, linkability of different activities, and disclosure of traffic
> patterns. As we gain more experience, I expect that these categories will
> stabilize.
> 
> -- Christian Huitema

Dave Singer

singer@mac.com

David Singer
Manager, Software Standards, Apple Inc.