Re: Future Handling of Blue Sheets

[Yoav Nir <ynir@checkpoint.com>]

On Apr 23, 2012, at 9:00 AM, Joel jaeggli wrote:

> On 4/22/12 22:45 , Robert Raszuk wrote:
>> Joel,
>> 
>>> What property of the blue sheet makes it personal data.
>> 
>> WG meeting title and name or email address.
>> 
>> Nothing more helpful for recruiters to get hold of such list and start
>> spamming with job offers in given area of technology.
> 
> The participants are readily identifiable already.

Effort matters. If getting that data requires a subpoena, or if it requires a formal letter from a lawyer, or if it's available on the website, these are different things. I'm with Tobias on this.

> But that wasn't my question. What data on the blue sheet is personal?

It says where I was, and at what time, and it's nobody's business. It's information that does not need to be disclosed to the public, and therefore shouldn't. We don't have to come up with an attack vector first. 

> Every person who has registered since at least the publication of 3979
> if not before has consented to the public disclosure of records of the
> meeting. a list of the meeting attendees is required by 2418.

Again, this is a different level of information. On the streets, Legally I don't have an expectation of privacy. The police, or anyone who cares to, may follow me around, and see where I'm going. There is, however, a huge const involved in this, and that's why 20 years ago, people did have an expectation of privacy on the streets. Having surveillance cameras at street corners like they have in too much of the western world right now does not change what the police can or cannot do to an individual. There is a huge change, though, because now they can afford to track everyone all the time. 

Connect those cameras to the Internet as publicly accessible webcams, and our society turns into a whole new kind of surveillance society. Publishing blue sheets is not as bad as that, but it's a step in the wrong direction.

Yoav