Re: [ietf-privacy] Is there an official working definition for Privacy Online?

David Singer <singer@apple.com> Thu, 05 May 2016 20:39 UTC

Return-Path: <singer@apple.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 005FB12D09D for <ietf-privacy@ietfa.amsl.com>; Thu, 5 May 2016 13:39:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.297
X-Spam-Level:
X-Spam-Status: No, score=-5.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uNc2XXvyx_Wy for <ietf-privacy@ietfa.amsl.com>; Thu, 5 May 2016 13:39:04 -0700 (PDT)
Received: from mail-in4.apple.com (mail-out4.apple.com [17.151.62.26]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37B1112B01F for <ietf-privacy@ietf.org>; Thu, 5 May 2016 13:39:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1462480743; x=2326394343; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-reply-to:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=0vql9h/HyvJu5n/VM/aPqyRpnXJHzM8VWc0bMJAtf48=; b=lp78CWkZKhj9kKpwd7vhqi/9Ns842eHqCrU+930D5pxYXTJj2fziGDtFmwus9vcM SzwuSyLVjqz8B2jFtcZnxpt+srSXAwKjFwl87bzoBvoaiDqLKNOr3rXr1EhvtDpx WDZPAZEArglCix84ZgjuUaZFzyW5neYE+fg/Ax8WoS3iJW1ikEfL5UzS9jHodH8g WZaz3OI+S5RliJ3A4HPI4Itdt4a/19/LftdZxvKrP+tsH4CoMQC7tmaouTCus7QP Pt1NzW4wpJaA0wa50BJ4NdGVcum07y/K0i2gp/0AkTO6TZtxtLi7m1JkgbZ2WhXj jt+6N0LIwpWBcvel15ugtg==;
Received: from relay5.apple.com (relay5.apple.com [17.128.113.88]) by mail-in4.apple.com (Apple Secure Mail Relay) with SMTP id B2.E1.21445.76FAB275; Thu, 5 May 2016 13:39:03 -0700 (PDT)
X-AuditID: 11973e12-f79796d0000053c5-5d-572baf67dc49
Received: from nwk-mmpp-sz09.apple.com (nwk-mmpp-sz09.apple.com [17.128.115.80]) (using TLS with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by relay5.apple.com (Apple SCV relay) with SMTP id 88.B0.09064.76FAB275; Thu, 5 May 2016 13:39:03 -0700 (PDT)
Received: from singda.apple.com (singda.apple.com [17.212.152.248]) by nwk-mmpp-sz09.apple.com (Oracle Communications Messaging Server 7.0.5.35.0 64bit (built Mar 31 2015)) with ESMTPSA id <0O6Q00AKE1D3F980@nwk-mmpp-sz09.apple.com> for ietf-privacy@ietf.org; Thu, 05 May 2016 13:39:03 -0700 (PDT)
Sender: singer@apple.com
Content-type: text/plain; charset=windows-1252
MIME-version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: David Singer <singer@apple.com>
In-reply-to: <2DDB1AF6-563C-48F3-BF1F-A45038711703@isoc.org>
Date: Thu, 05 May 2016 13:39:02 -0700
Content-transfer-encoding: quoted-printable
Message-id: <6DFAD6C9-4EA3-4042-A054-14C82CC48DFA@apple.com>
References: <552FCC84.6040305@gmail.com> <CA+9kkMCYuEGRidB1D=SGA0qxk+SuX6+HyqToYDmqQVmpBskWrw@mail.gmail.com> <5530329E.4060608@dcrocker.net> <01F784DA-5FD5-4D1F-8613-C2E668EDA765@isoc.org> <55311CE9.9040003@dcrocker.net> <DB3PR07MB138A042321BB99DF9AB94A4BCE30@DB3PR07MB138.eurprd07.prod.outlook.com> <55313140.9040400@dcrocker.net> <015a01d0798d$509954c0$f1cbfe40$@huitema.net> <CABtrr-X6CgN3J0dA1YBED0j6K7D5Mt2NAbUwGF5E67BoFX9JUQ@mail.gmail.com> <57268D25.3070708@dcrocker.net> <029801d1a4b9$c3b57850$4b2068f0$@huitema.net> <F285E90F-4E8B-47BE-A0BF-3A24212C39D9@apple.com> <2DDB1AF6-563C-48F3-BF1F-A45038711703@isoc.org>
To: Robin Wilton <wilton@isoc.org>
X-Mailer: Apple Mail (2.3124)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrLLMWRmVeSWpSXmKPExsUi2FAYoZu+Xjvc4O4jc4vDVxvYHRg9liz5 yRTAGMVlk5Kak1mWWqRvl8CV8W/VROaCd/wVvx81MzUw3ufpYuTkkBAwkVhwciM7hC0mceHe erYuRi4OIYG9jBIvWy8zwxRd6rnCDpFYxiQxadYxFghnA5PElF8/wNqFBSQkPn6cDJTg4GAW 0JO4f1ELJMwLZE4+2sAGURIpMflXG1g5m4CqxIM5xxhBbE4BG4m1j4+xgtgsQPGek11gVzAL tDFKvF58HqyBWUBb4sm7C6wQQ20kXp65xwhxRBOrxPPth4GK2DlEBJQkTpVAHC0r8eTkIrA7 JQSWsEk071vBMoFRZBbCebOQnDcLyYYFjMyrGIVyEzNzdDPzTPQSCwpyUvWS83M3MYLCe7qd 0A7GU6usDjEKcDAq8fBmzNUKF2JNLCuuzD3EKM3BoiTO+2oBUEggPbEkNTs1tSC1KL6oNCe1 +BAjEwenVANjrKn+0UjVNymdfLx+YYlvuObVrDpqeM6+4JRaVnzhwsTHD2rrZ/M0GpUa72x7 5uYi9bIo4mvvs1lFbvzLlugY75w8xb2/TMQwq7SYWc79KSN/dIvhw7yb9nrvJqh9azVkflp3 wML0TKJlUOGMN473vkTac6+NLJ0of18sKum+u4frCWv3E0osxRmJhlrMRcWJAE+Frf5QAgAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrBLMWRmVeSWpSXmKPExsUi2FAcoJu+XjvcYO18LYvDVxvYHRg9liz5 yRTAGMVlk5Kak1mWWqRvl8CV8W/VROaCd/wVvx81MzUw3ufpYuTkkBAwkbjUc4UdwhaTuHBv PVsXIxeHkMAyJolJs46xQDgbmCSm/PoBViUsICHx8eNkoAQHB7OAnsT9i1ogYV4gc/LRBjaI kkiJyb/awMrZBFQlHsw5xghicwrYSKx9fIwVxGYBivec7AJbxizQxijxevF5sAZmAW2JJ+8u sEIMtZF4eeYeI8QRTawSz7cfBipi5xARUJI4VQJxtKzEk5OLWCYwCs5CuGgWkotmIRm6gJF5 FaNAUWpOYqWpXmJBQU6qXnJ+7iZGcDgWRuxg/L/M6hCjAAejEg9vxlytcCHWxLLiytxDjBIc zEoivNvXaocL8aYkVlalFuXHF5XmpBYfYkwG+mUis5Rocj4wVvJK4g1NTAxMjI3NjI3NTcxJ E1YS5930FWirQHpiSWp2ampBahHMFiYOTqkGxvNKH5ummU39ahD6peXR9ZiakJ/+3/dMmFl1 a8viZy84n6Xs6n7atHKBmcSjjKsPw6OPSz+Ja3XkPl/gu/R046ml8183zHkWu1p6UZeej2v3 Bt5/yafUNX6s2rDifbpHji3L1vedOo7vFi09f0RZ8O1X5hfF+aJv645bh3R5vpLfwLZlcdj5 L8pKLMUZiYZazEXFiQCbNvo2iwIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/Rl743okASJAa-yr4L1pex6GRPpk>
Cc: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Josh Howlett <Josh.Howlett@jisc.ac.uk>
Subject: Re: [ietf-privacy] Is there an official working definition for Privacy Online?
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 May 2016 20:39:06 -0000

> On May 5, 2016, at 1:30 , Robin Wilton <wilton@isoc.org> wrote:
> 
> The Internet Society has been using a definition of privacy for a number of years now, and I still think it's a good one. Incidentally, I think Dave has set a high bar with his request; privacy is a social construct that covers many aspects of the way people interact with each other... it's always going to be hard to reduce that to a single, precise technical definition, the way you might do for, say, "gross domestic product", or "mortgage". 
> 
> Privacy can also be a subjective thing (for instance, some people think it's important to draw their curtains in the evening - others don't). That subjectivity makes privacy a highly contextual thing, which, again, may make it hard to reduce to a single precise formula. But I digress... Here's that definition:
> 
> Privacy is about retaining the ability to disclose data consensually, and with expectations regarding the context and scope of sharing.

Hm, I think it’s good, but...So, if I appear in public, I have disclosed my presence in a particular location and time; but my expectations on people recording me with video cameras, writing down what I do for posterity and the internet, and so on, is part of the ‘expectations’?  If so, we’re back in the morass, I fear — what is ‘expected’ is at least cultural and often personal.

> 
> I wrote a blog post drawing out the implications of each part of that definition, here:
> 
> http://www.internetsociety.org/blog/2013/12/language-privacy
> 
> The result still may not be the precise technical definition Dave is looking for…

Actually, I think we need to continue to work with the vagueness; looking now for a definition is not helpful.  Looking for clarity on the concepts and aspects — “what the rules are” — I think is amenable to at least significant improvement.


David Singer
Manager, Software Standards, Apple Inc.