Re: Proposed IETF Websites’ Privacy Policy; Community Input Requested
Mark Nottingham <mnot@mnot.net> Thu, 05 February 2015 05:11 UTC
Return-Path: <mnot@mnot.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFCF41A01AE for <ietf@ietfa.amsl.com>; Wed, 4 Feb 2015 21:11:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.302
X-Spam-Level:
X-Spam-Status: No, score=-2.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TNUiDRaBtqWe for <ietf@ietfa.amsl.com>; Wed, 4 Feb 2015 21:10:56 -0800 (PST)
Received: from mxout-07.mxes.net (mxout-07.mxes.net [216.86.168.182]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C00321A1A88 for <ietf@ietf.org>; Wed, 4 Feb 2015 21:10:56 -0800 (PST)
Received: from [192.168.1.73] (unknown [59.167.195.195]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 0D81C22E261 for <ietf@ietf.org>; Thu, 5 Feb 2015 00:10:54 -0500 (EST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Subject: Re: Proposed IETF Websites’ Privacy Policy; Community Input Requested
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <20150203155217.2391.76679.idtracker@ietfa.amsl.com>
Date: Thu, 05 Feb 2015 16:10:51 +1100
Content-Transfer-Encoding: quoted-printable
Message-Id: <2AE14A6B-5B8C-45B3-A21B-B34229FB5B34@mnot.net>
References: <20150203155217.2391.76679.idtracker@ietfa.amsl.com>
To: ietf@ietf.org
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/tihSSmvbdykNXZXU11jJNaOAePQ>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Feb 2015 05:11:05 -0000
Does the IETF have a privacy policy overall? One of the things that I find frequently frustrating is that an entity will handle sensitive data (and realise that the definition of that is *very* broad these days), only to have a policy that's applicable to its Web site, which only covers a small portion of the interactions that it's involved in. If we're going to go to the trouble of developing a privacy policy (and I think we should, even as an "open" organisation), it would be worthwhile to include all interactions, not just those that go through a Web browser. Cheers, > On 4 Feb 2015, at 2:52 am, IETF Administrative Director <iad@ietf.org> wrote: > > The IAOC would like community input on a proposed IETF websites’ Privacy Policy. > > We are required by California law (and good net citizenship) to have an accurate > privacy policy on our websites. Counsel have reviewed this statement for compliance > with US and EU privacy regulations. > > The policy discusses the following: > a. Information collected > b. What’s done with the information > c. Information accessible to the public > d. Cookies and other tracking technologies > e. Participant database > f. Security > g. Links > h. Discussion groups > i. Children > j. Compliance > k. Consent and changes to this policy > > The proposed Privacy Policy is located here: > <https://iaoc.ietf.org/documents/IETF-Website-Privacy-Policy-16Jan15.pdf> > > The IAOC will consider all comments received by 17 February 2015. > > Thanks. > > Scott Bradner > Chair > IAOC Legal Committee > -- Mark Nottingham https://www.mnot.net/
- Re: Proposed IETF Websites Privacy Policy; Commun… S Moonesamy
- RE: Proposed IETF Websites Privacy Policy; Commun… James Gannon
- Proposed IETF Websites’ Privacy Policy; Community… IETF Administrative Director
- Re: Proposed IETF Websites’ Privacy Policy; Commu… Bjoern Hoehrmann
- Re: Proposed IETF Websites’ Privacy Policy; Commu… John Levine
- Re: Proposed IETF Websites’ Privacy Policy; Commu… Joseph Lorenzo Hall
- Re: Proposed IETF Websites’ Privacy Policy; Commu… Tom Taylor
- Re: Proposed IETF Websites’ Privacy Policy; Commu… Mark Nottingham
- RE: Proposed IETF Websites’ Privacy Policy; Commu… Adrian Farrel
- Re: RE: Proposed IETF Websites’ Privacy Policy; C… John Levine
- Re: Proposed IETF Websites’ Privacy Policy; Commu… Alexey Melnikov
- Re: Proposed IETF Websites’ Privacy Policy; Commu… t.p.