Re: [ietf-privacy] Is there an official working definition for Privacy Online?
Pranesh Prakash <pranesh@cis-india.org> Tue, 10 May 2016 06:24 UTC
Return-Path: <pranesh@cis-india.org>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A02012D096 for <ietf-privacy@ietfa.amsl.com>; Mon, 9 May 2016 23:24:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.922
X-Spam-Level:
X-Spam-Status: No, score=-1.922 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J7wdKFsFy-iZ for <ietf-privacy@ietfa.amsl.com>; Mon, 9 May 2016 23:24:18 -0700 (PDT)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D8DC12D094 for <ietf-privacy@ietf.org>; Mon, 9 May 2016 23:24:17 -0700 (PDT)
Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from <pranesh@cis-india.org>) id 1b015X-0006bk-Hl; Tue, 10 May 2016 08:24:12 +0200
To: Nick Doty <npdoty@ischool.berkeley.edu>, Alissa Cooper <alissa@cooperw.in>
References: <552FCC84.6040305@gmail.com> <CA+9kkMCYuEGRidB1D=SGA0qxk+SuX6+HyqToYDmqQVmpBskWrw@mail.gmail.com> <5530329E.4060608@dcrocker.net> <01F784DA-5FD5-4D1F-8613-C2E668EDA765@isoc.org> <55311CE9.9040003@dcrocker.net> <DB3PR07MB138A042321BB99DF9AB94A4BCE30@DB3PR07MB138.eurprd07.prod.outlook.com> <55313140.9040400@dcrocker.net> <015a01d0798d$509954c0$f1cbfe40$@huitema.net> <CABtrr-X6CgN3J0dA1YBED0j6K7D5Mt2NAbUwGF5E67BoFX9JUQ@mail.gmail.com> <57268D25.3070708@dcrocker.net> <029801d1a4b9$c3b57850$4b2068f0$@huitema.net> <4826F2DD-7A3C-46ED-AB68-A1B1B1E5F30B@cooperw.in> <9E07A93C-E248-4630-8B01-E33667A0738A@ischool.berkeley.edu>
From: Pranesh Prakash <pranesh@cis-india.org>
Organization: Centre for Internet and Society
Message-ID: <57317E87.8080509@cis-india.org>
Date: Tue, 10 May 2016 11:54:07 +0530
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <9E07A93C-E248-4630-8B01-E33667A0738A@ischool.berkeley.edu>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="d4eWIPMLsUCL3o0IQubJJV9vSCNtnWh3V"
X-Virus-Scanned: by clamav at smarthost1.samage.net
X-Scan-Signature: aadb025e1561638fa3cfee7b14734d3b
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/YB-v8IINviL-K3wO6XoRoGdvCuk>
Cc: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>, dcrocker@bbiw.net, Josh Howlett <Josh.Howlett@jisc.ac.uk>
Subject: Re: [ietf-privacy] Is there an official working definition for Privacy Online?
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 May 2016 06:24:21 -0000
Nick Doty <npdoty@ischool.berkeley.edu> [2016-05-05 18:10:05 -0700]: > I do tend to agree with the conclusion that as a result we shouldn't be using "privacy" as a technical term on its own. Sentences in specs of the form "Feature X undermines privacy" or "Feature Y provides privacy to the end user" are either inappropriate, or more likely, incomplete. Instead: "Feature Y supports privacy by providing unlinkability of traffic between requests". +1 I feel thinking in terms of characteristics of privacy, rather than "privacy" is useful, since it helps us move beyond the idea that privacy is an unqualified good, to viewing it as a set of characteristics that should be considered with seriousness during protocol design. For instance: Anonymous communication mechanisms (a privacy characteristic) allow people to avoid detection while publishing confidential third-party communications (another privacy characteristic). That violation of privacy is not something that can be tackled at a protocol level. However, that to me demonstrates that there may potentially be inherent trade-offs and conflicts, even within various privacy characteristics. Hence, viewing "privacy" as a singular idea makes no sense to me. > It might still be useful to refine a short definition that can be cited to speed up conversations on privacy at IETF or help in scoping work; NIST, for example, has been trying to come up with privacy engineering objectives analogous to the C-I-A triad for security. Given the above, I don't see why a short definition is required or how it would be helpful. Perhaps my problem is with the word "definition", while, on the other hand, listing a set of "characteristics" or "categories" is what would be useful (and perhaps that is what was meant). ~ Pranesh -- Pranesh Prakash Policy Director, Centre for Internet and Society http://cis-india.org | tel:+91 80 40926283 sip:pranesh@ostel.co | xmpp:pranesh@cis-india.org https://twitter.com/pranesh
- [ietf-privacy] Is there an official working defin… Fred Yeboah
- Re: [ietf-privacy] Is there an official working d… Ted Hardie
- Re: [ietf-privacy] Is there an official working d… Daniel Kahn Gillmor
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Robin Wilton
- Re: [ietf-privacy] Is there an official working d… Rob van Eijk
- Re: [ietf-privacy] Is there an official working d… Fred Yeboah
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Josh Howlett
- Re: [ietf-privacy] Is there an official working d… Daniel Kahn Gillmor
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Christian Huitema
- Re: [ietf-privacy] Is there an official working d… taxakis
- Re: [ietf-privacy] Is there an official working d… Fred Yeboah
- Re: [ietf-privacy] Is there an official working d… Joseph Lorenzo Hall
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Christian Huitema
- Re: [ietf-privacy] Is there an official working d… David Singer
- Re: [ietf-privacy] Is there an official working d… Robin Wilton
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Stephen Farrell
- Re: [ietf-privacy] Is there an official working d… Robin Wilton
- Re: [ietf-privacy] Is there an official working d… Alissa Cooper
- Re: [ietf-privacy] Is there an official working d… Stephen Farrell
- Re: [ietf-privacy] Is there an official working d… Robin Wilton
- Re: [ietf-privacy] Is there an official working d… David Singer
- Re: [ietf-privacy] Is there an official working d… Dave Crocker
- Re: [ietf-privacy] Is there an official working d… Nick Doty
- Re: [ietf-privacy] Is there an official working d… Peter Schoo
- Re: [ietf-privacy] Is there an official working d… Robin Wilton
- Re: [ietf-privacy] Is there an official working d… Pranesh Prakash
- Re: [ietf-privacy] Is there an official working d… S Moonesamy