Re: [IAOC] [IAB] Proposed IETF Privacy Policy for Review

Scott Bradner <sob@sobco.com> Thu, 17 March 2016 12:27 UTC

Return-Path: <sob@sobco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F0DE12DA88; Thu, 17 Mar 2016 05:27:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.109
X-Spam-Level:
X-Spam-Status: No, score=-1.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eLIUYA7iUMJT; Thu, 17 Mar 2016 05:27:16 -0700 (PDT)
Received: from sobco.sobco.com (unknown [136.248.127.164]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF35A12DA5C; Thu, 17 Mar 2016 05:27:15 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by sobco.sobco.com (Postfix) with ESMTP id 352B418EF102; Thu, 17 Mar 2016 08:27:15 -0400 (EDT)
X-Virus-Scanned: amavisd-new at sobco.com
Received: from sobco.sobco.com ([127.0.0.1]) by localhost (sobco.sobco.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rMcROZ4tefQb; Thu, 17 Mar 2016 08:27:13 -0400 (EDT)
Received: from dhcp3.sobco.com (vpn2.sobco.com [136.248.127.173]) by sobco.sobco.com (Postfix) with ESMTPSA id D795418EF0F4; Thu, 17 Mar 2016 08:27:13 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Subject: Re: [IAOC] [IAB] Proposed IETF Privacy Policy for Review
From: Scott Bradner <sob@sobco.com>
In-Reply-To: <3A2CD852-64D8-40E9-821E-5247B22C2879@nohats.ca>
Date: Thu, 17 Mar 2016 08:27:13 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <626999D6-D25C-4B51-8FAB-3B0312320A74@sobco.com>
References: <20160316170239.30920.41218.idtracker@ietfa.amsl.com> <E95E8599-6741-4F81-A7FB-06669EC3EA37@netapp.com> <214DF639-87DC-46D7-9731-F51027EBA97E@nohats.ca> <84BDDACE-C9E3-445A-91E6-8E80D7C6BFDE@sobco.com> <3A2CD852-64D8-40E9-821E-5247B22C2879@nohats.ca>
To: Paul Wouters <paul@nohats.ca>
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/fxTeIQLK1G_oQBacG5yw7OEYJxw>
Cc: IAOC IAOC <iaoc@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Mar 2016 12:27:17 -0000

the lawyers we consulted said that it was important to say what was said

setting up a web site designed for people under 13 is a major effort (verifying ages of users etc)

this seemed the best way (the first proposal we got was to say that people under 13 could
not use the site)

Scott

> On Mar 17, 2016, at 8:23 AM, Paul Wouters <paul@nohats.ca> wrote:
> 
> 
> 
> Sent from my iPhone
> 
>> On Mar 17, 2016, at 08:13, Scott Bradner <sob@sobco.com> wrote:
>> 
>> I agree but the law is what the law is 
>> 
>> see https://en.wikipedia.org/wiki/Children's_Online_Privacy_Protection_Act
>> 
>> the wording used says that its fine if the kid has parental OK
> 
> But then there is no need to say our website is not designed for people under 13. They are designed for people of all ages.
> 
> Paul 
> 
> 
>> Scott
>> 
>>> On Mar 17, 2016, at 8:09 AM, Paul Wouters <paul@nohats.ca> wrote:
>>> 
>>> My only issue is that it claims our websites are not for use by children under 13. They most certainly are.
>>> 
>>> Paul
>>> 
>>> Sent from my iPhone
>>> 
>>>> On Mar 17, 2016, at 03:01, Eggert, Lars <lars@netapp.com> wrote:
>>>> 
>>>> Hi Ray,
>>>> 
>>>> would this extend to and cover the IRTF as well?
>>>> 
>>>> Lars
>>>> 
>>>>> On 2016-03-16, at 18:02, IETF Administrative Director <iad@ietf.org> wrote:
>>>>> 
>>>>> The IAOC would like community input on a proposed IETF Privacy Policy.
>>>>> 
>>>>> We are required by California law (and good net citizenship) to have
>>>>> an accurate privacy policy on our websites.  Counsel have reviewed
>>>>> this statement for compliance with US and EU privacy regulations.
>>>>> 
>>>>> The policy discusses the following:
>>>>> 1.  General – Most Personal Data Submitted to IETF Will Become Public
>>>>> 2.  You Consent to International Transmission of Your Data
>>>>> 3.  Exceptions – Information That We Do Not Release to the Public
>>>>> 4.  Security
>>>>> 5.  Children
>>>>> 6.  Inquiries
>>>>> 7.  Compliance
>>>>> 8.  Other Organizations
>>>>> 9.  Consent
>>>>> 
>>>>> The proposed Privacy Policy is located here:
>>>>> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-02.htm
>>>>> 
>>>>> The IAOC will consider all comments received by 31 March 2016.
>>>>> 
>>>>> Ray Pelletier
>>>>> IETF Administrative Director
>>> 
>