Re: Proposed IETF Privacy Policy for Review

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Wed, 16 March 2016 17:37 UTC

Return-Path: <prvs=188330da20=jordi.palet@consulintel.es>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FA7F12DA70 for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:37:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.899
X-Spam-Level:
X-Spam-Status: No, score=-101.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_QP_LONG_LINE=0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVPKFnWg4bpP for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:37:04 -0700 (PDT)
Received: from mail.consulintel.com (mail.consulintel.com [213.0.69.132]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB05712DA73 for <ietf@ietf.org>; Wed, 16 Mar 2016 10:36:24 -0700 (PDT)
X-MDAV-Processed: mail.consulintel.com, Wed, 16 Mar 2016 18:36:23 +0100
Received: from [10.10.10.111] by mail.consulintel.com (MDaemon PRO v11.0.3) with ESMTP id md50000370419.msg for <ietf@ietf.org>; Wed, 16 Mar 2016 18:36:22 +0100
X-Spam-Processed: mail.consulintel.com, Wed, 16 Mar 2016 18:36:22 +0100 (not processed: spam filter heuristic analysis disabled)
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Return-Path: prvs=188330da20=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: ietf@ietf.org
User-Agent: Microsoft-MacOutlook/0.0.0.160212
Date: Wed, 16 Mar 2016 18:36:19 +0100
Subject: Re: Proposed IETF Privacy Policy for Review
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: <ietf@ietf.org>
Message-ID: <A0A26571-7E05-4A8F-AC90-5297E532D10D@consulintel.es>
Thread-Topic: Proposed IETF Privacy Policy for Review
References: <20160316170239.30920.41218.idtracker@ietfa.amsl.com> <91DA3B2D-94A0-41CD-87D1-6D5931E59175@consulintel.es> <17115C4E-37ED-456E-8CFA-17D12F5628EE@sobco.com>
In-Reply-To: <17115C4E-37ED-456E-8CFA-17D12F5628EE@sobco.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/hEGxsjyB-88twCMfy32r7QHAxDM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: jordi.palet@consulintel.es
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2016 17:37:07 -0000

Hi Scott,

I understand that, but I think we must have, for clarity, also a sentence that states that, and not just for non-public, but also public information to third parties. Something like “IETF doesn’t provide to third parties any personal data”.

May be is already somewhere in our actual web sites, if not I think must be included somehow in this privacy policy section.

Regards,
Jordi









-----Mensaje original-----
De: Scott Bradner <sob@sobco.com>
Responder a: <sob@sobco.com>
Fecha: miércoles, 16 de marzo de 2016, 18:24
Para: Jordi Palet Martinez <jordi.palet@consulintel.es>
CC: <ietf@ietf.org>
Asunto: Re: Proposed IETF Privacy Policy for Review

>
>the IETF does not provide non-public information to anyone outside of the IETF/ISOC for any marketing
>(or other) purpose (but ISOC may contact some people to see if they would be interested in hosting or being
>a sponsor of a future meeting) 
>
>but, even if we clearly say “we never do that” we still need to have the section since 
>California law says that we need to have such an ability for people to ask  (its also the kind of thing that the EU
>wants to see)
>
>
>
>Scott
>
>> On Mar 16, 2016, at 1:15 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
>> 
>> I’m very surprised about this:
>> 
>> Inquiries
>> If you would like to request information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please email your request to privacy@ietf.org and we will provide this information free of charge. This information includes a list of the categories of Personal Data that was shared with third parties for direct marketing purposes and the names and addresses of all third parties with which we shared such information in the immediately preceding calendar year.
>> 
>> Unless I’m missing something, I don’t think the IETF must provide any personal data to third parties, so my suggestions is that this sections needs to be rewritten to reflect that.
>> 
>> 
>> Regards,
>> Jordi
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> -----Mensaje original-----
>> De: IETF-Announce <ietf-announce-bounces@ietf.org> en nombre de IETF Administrative Director <iad@ietf.org>
>> Responder a: <ietf@ietf.org>rg>, <iaoc@ietf.org>
>> Fecha: miércoles, 16 de marzo de 2016, 18:02
>> Para: IETF Announcement List <ietf-announce@ietf.org>
>> Asunto: Proposed IETF Privacy Policy for Review
>> 
>>> The IAOC would like community input on a proposed IETF Privacy Policy.
>>> 
>>> We are required by California law (and good net citizenship) to have
>>> an accurate privacy policy on our websites.  Counsel have reviewed
>>> this statement for compliance with US and EU privacy regulations.  
>>> 
>>> The policy discusses the following:
>>> 1.  General – Most Personal Data Submitted to IETF Will Become Public
>>> 2.  You Consent to International Transmission of Your Data
>>> 3.  Exceptions – Information That We Do Not Release to the Public
>>> 4.  Security
>>> 5.  Children
>>> 6.  Inquiries
>>> 7.  Compliance
>>> 8.  Other Organizations
>>> 9.  Consent
>>> 
>>> The proposed Privacy Policy is located here:
>>> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-02.htm
>>> 
>>> The IAOC will consider all comments received by 31 March 2016.
>>> 
>>> Ray Pelletier
>>> IETF Administrative Director
>>> 
>>> 
>> 
>> 
>
>