Re: [IAB] Proposed IETF Privacy Policy for Review
"John Levine" <johnl@taugh.com> Thu, 17 March 2016 15:04 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2501612D9DF for <ietf@ietfa.amsl.com>; Thu, 17 Mar 2016 08:04:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V7g-HDp-_7Q9 for <ietf@ietfa.amsl.com>; Thu, 17 Mar 2016 08:04:20 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B05012DC10 for <ietf@ietf.org>; Thu, 17 Mar 2016 08:04:10 -0700 (PDT)
Received: (qmail 79864 invoked from network); 17 Mar 2016 15:04:09 -0000
Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 17 Mar 2016 15:04:09 -0000
Date: Thu, 17 Mar 2016 15:03:47 -0000
Message-ID: <20160317150347.29907.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: [IAB] Proposed IETF Privacy Policy for Review
In-Reply-To: <214DF639-87DC-46D7-9731-F51027EBA97E@nohats.ca>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/D0U6C4s6Dd6t5b-ME8AR6HD_1s0>
Cc: paul@nohats.ca
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Mar 2016 15:04:26 -0000
In article <214DF639-87DC-46D7-9731-F51027EBA97E@nohats.ca> you write: >My only issue is that it claims our websites are not for use by children under 13. They most certainly are. No, it says they are not *intended* for children under 13. Words matter, particularly in legal documents, and it's important to read them carefully enough to understand what they mean. Having written a chapter on COPPA for a legal encyclopedia, I can report that the law is actually pretty reasonable, as is the section of our proposed privacy policy. Intended means what it sounds like, there's nothing on our web sites aimed at kids, with typical examples being cartoons and games. It specifically does not mean that children are forbidden to use our sites, nor does it mean that we have to take any measures to keep children out. (For sites that really are intended for children, there's a comprehensive set of rules with compliance generally outsourced to a handful of specialist companies in the marketing and entertainment industries.) COPPA discourages collection of PII from children without their parents' consent, so insofar as we are able, we should avoid doing so. If it became apparent that a participant on an IETF list (or, hypothetically an I-D author) were under 13 it would be a good idea to suspend the child's subscription and tell her to have her parent write to the list owners, so we could explain what the IETF is, how the mailing lists work, and ask whether the parent is OK with her participation. It would also be a good idea since a 12 year old child cannot meaningfully agree to the Note Well. For more info on COPPA, Google is your pal. You're in Canada, and I have no idea whether the IETF's contacts with Canada are sufficent that PIPEDA would apply, although I would guess that our practices would be fine under PIPEDA. If anyone cares I have contacts at the OPC I could ask. R's, John
- Re: [IAB] Proposed IETF Privacy Policy for Review Eggert, Lars
- Re: Proposed IETF Privacy Policy for Review Martin Vigoureux
- Re: Proposed IETF Privacy Policy for Review JORDI PALET MARTINEZ
- Re: Proposed IETF Privacy Policy for Review Scott Bradner
- Re: Proposed IETF Privacy Policy for Review JORDI PALET MARTINEZ
- Re: Proposed IETF Privacy Policy for Review John Levine
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- RE: Proposed IETF Privacy Policy for Review Adrian Farrel
- Re: Proposed IETF Privacy Policy for Review Adam Roach
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Eggert, Lars
- Re: Proposed IETF Privacy Policy for Review Stephen Farrell
- Re: Proposed IETF Privacy Policy for Review Stephane Bortzmeyer
- Re: [IAB] Proposed IETF Privacy Policy for Review Paul Wouters
- Re: [IAB] Proposed IETF Privacy Policy for Review Scott Bradner
- Re: [IAB] Proposed IETF Privacy Policy for Review Paul Wouters
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Paul Wouters
- Proposed IETF Privacy Policy for Review IETF Administrative Director
- Re: [IAB] Proposed IETF Privacy Policy for Review John Levine
- Re: Proposed IETF Privacy Policy for Review Adam Roach
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- RE: Proposed IETF Privacy Policy for Review Adrian Farrel
- Re: Proposed IETF Privacy Policy for Review Tobias Gondrom
- Re: Proposed IETF Privacy Policy for Review Alissa Cooper
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Dave Crocker
- Re: [IAOC] Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review Doug Royer