Re: [ietf-privacy] Is there an official working definition for Privacy Online?

Pranesh Prakash <pranesh@cis-india.org> Tue, 10 May 2016 06:24 UTC

To: Nick Doty <npdoty@ischool.berkeley.edu>, Alissa Cooper <alissa@cooperw.in>
From: Pranesh Prakash <pranesh@cis-india.org>
Organization: Centre for Internet and Society
Date: Tue, 10 May 2016 11:54:07 +0530
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/YB-v8IINviL-K3wO6XoRoGdvCuk>
Cc: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>, dcrocker@bbiw.net, Josh Howlett <Josh.Howlett@jisc.ac.uk>
Subject: Re: [ietf-privacy] Is there an official working definition for Privacy Online?

Nick Doty <npdoty@ischool.berkeley.edu> [2016-05-05 18:10:05 -0700]:
> I do tend to agree with the conclusion that as a result we shouldn't be using "privacy" as a technical term on its own. Sentences in specs of the form "Feature X undermines privacy" or "Feature Y provides privacy to the end user" are either inappropriate, or more likely, incomplete. Instead: "Feature Y supports privacy by providing unlinkability of traffic between requests".

+1

I feel thinking in terms of characteristics of privacy, rather than
"privacy", is useful, since it helps us move beyond the idea that privacy
is an unqualified good, to viewing it as a set of characteristics that
should be considered with seriousness during protocol design.

For instance: Anonymous communication mechanisms (a privacy 
characteristic) allow people to avoid detection while publishing 
confidential third-party communications (another privacy 
characteristic).  That violation of privacy is not something that can be 
tackled at a protocol level.  However, that to me demonstrates that 
there may potentially be inherent trade-offs and conflicts, even within 
various privacy characteristics.  Hence, viewing "privacy" as a singular 
idea makes no sense to me.

> It might still be useful to refine a short definition that can be cited to speed up conversations on privacy at IETF or help in scoping work; NIST, for example, has been trying to come up with privacy engineering objectives analogous to the C-I-A triad for security.

Given the above, I don't see why a short definition is required or how 
it would be helpful.  Perhaps my problem is with the word "definition", 
while, on the other hand, listing a set of "characteristics" or 
"categories" is what would be useful (and perhaps that is what was meant).

~ Pranesh

-- 
Pranesh Prakash
Policy Director, Centre for Internet and Society
http://cis-india.org | tel:+91 80 40926283
sip:pranesh@ostel.co | xmpp:pranesh@cis-india.org
https://twitter.com/pranesh