Re: Proposed IETF Privacy Policy for Review

Scott Bradner <sob@sobco.com> Wed, 16 March 2016 17:25 UTC

Return-Path: <sob@sobco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0555C12DA10 for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:25:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.109
X-Spam-Level:
X-Spam-Status: No, score=-1.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SkuRhpKqxzIF for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:25:42 -0700 (PDT)
Received: from sobco.sobco.com (unknown [136.248.127.164]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6AB9312DA70 for <ietf@ietf.org>; Wed, 16 Mar 2016 10:24:55 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by sobco.sobco.com (Postfix) with ESMTP id 5EB8718DB671; Wed, 16 Mar 2016 13:24:54 -0400 (EDT)
X-Virus-Scanned: amavisd-new at sobco.com
Received: from sobco.sobco.com ([127.0.0.1]) by localhost (sobco.sobco.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wX-3EAXftL9M; Wed, 16 Mar 2016 13:24:52 -0400 (EDT)
Received: from dhcp3.sobco.com (vpn2.sobco.com [136.248.127.173]) by sobco.sobco.com (Postfix) with ESMTPSA id 475B418DB663; Wed, 16 Mar 2016 13:24:52 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Subject: Re: Proposed IETF Privacy Policy for Review
From: Scott Bradner <sob@sobco.com>
In-Reply-To: <91DA3B2D-94A0-41CD-87D1-6D5931E59175@consulintel.es>
Date: Wed, 16 Mar 2016 13:24:51 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <17115C4E-37ED-456E-8CFA-17D12F5628EE@sobco.com>
References: <20160316170239.30920.41218.idtracker@ietfa.amsl.com> <91DA3B2D-94A0-41CD-87D1-6D5931E59175@consulintel.es>
To: jordi.palet@consulintel.es
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/dEPPGxAgBTfrsD-pwf6BihH0-MI>
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2016 17:25:44 -0000

the IETF does not provide non-public information to anyone outside of the IETF/ISOC for any marketing
(or other) purpose (but ISOC may contact some people to see if they would be interested in hosting or being
a sponsor of a future meeting) 

but, even if we clearly say “we never do that” we still need to have the section since 
California law says that we need to have such an ability for people to ask  (its also the kind of thing that the EU
wants to see)



Scott

> On Mar 16, 2016, at 1:15 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
> 
> I’m very surprised about this:
> 
> Inquiries
> If you would like to request information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please email your request to privacy@ietf.org and we will provide this information free of charge. This information includes a list of the categories of Personal Data that was shared with third parties for direct marketing purposes and the names and addresses of all third parties with which we shared such information in the immediately preceding calendar year.
> 
> Unless I’m missing something, I don’t think the IETF must provide any personal data to third parties, so my suggestions is that this sections needs to be rewritten to reflect that.
> 
> 
> Regards,
> Jordi
> 
> 
> 
> 
> 
> 
> 
> 
> -----Mensaje original-----
> De: IETF-Announce <ietf-announce-bounces@ietf.org> en nombre de IETF Administrative Director <iad@ietf.org>
> Responder a: <ietf@ietf.org>rg>, <iaoc@ietf.org>
> Fecha: miércoles, 16 de marzo de 2016, 18:02
> Para: IETF Announcement List <ietf-announce@ietf.org>
> Asunto: Proposed IETF Privacy Policy for Review
> 
>> The IAOC would like community input on a proposed IETF Privacy Policy.
>> 
>> We are required by California law (and good net citizenship) to have
>> an accurate privacy policy on our websites.  Counsel have reviewed
>> this statement for compliance with US and EU privacy regulations.  
>> 
>> The policy discusses the following:
>> 1.  General – Most Personal Data Submitted to IETF Will Become Public
>> 2.  You Consent to International Transmission of Your Data
>> 3.  Exceptions – Information That We Do Not Release to the Public
>> 4.  Security
>> 5.  Children
>> 6.  Inquiries
>> 7.  Compliance
>> 8.  Other Organizations
>> 9.  Consent
>> 
>> The proposed Privacy Policy is located here:
>> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-02.htm
>> 
>> The IAOC will consider all comments received by 31 March 2016.
>> 
>> Ray Pelletier
>> IETF Administrative Director
>> 
>> 
> 
>