Re: IETF privacy policy - update
todd glassey <tglassey@earthlink.net> Tue, 06 July 2010 15:50 UTC
Return-Path: <tglassey@earthlink.net>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED1093A69A3 for <ietf@core3.amsl.com>; Tue, 6 Jul 2010 08:50:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level:
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pROAiJqqCg+q for <ietf@core3.amsl.com>; Tue, 6 Jul 2010 08:50:23 -0700 (PDT)
Received: from elasmtp-scoter.atl.sa.earthlink.net (elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]) by core3.amsl.com (Postfix) with ESMTP id AF4A43A698C for <ietf@ietf.org>; Tue, 6 Jul 2010 08:50:23 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=MbsBsTl0KjW6EkAFLHoVwXCS/57NELp8TEQID27tK6MS3XP3aVlOt2zAb0hXh3Yy; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [67.180.133.66] (helo=[192.168.1.100]) by elasmtp-scoter.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from <tglassey@earthlink.net>) id 1OWAPh-0004lL-Ka for ietf@ietf.org; Tue, 06 Jul 2010 11:50:25 -0400
Message-ID: <4C3350C2.7010403@earthlink.net>
Date: Tue, 06 Jul 2010 08:50:26 -0700
From: todd glassey <tglassey@earthlink.net>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.4) Gecko/20100608 Thunderbird/3.1
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: IETF privacy policy - update
References: <7022DEA1-7FC0-4D77-88CE-FA3788720B43@cdt.org> <4C3331D0.1000404@isoc.org>
In-Reply-To: <4C3331D0.1000404@isoc.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79cd5c8777c85578bd4a4cea3ff125d79f350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 67.180.133.66
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jul 2010 15:50:25 -0000
On 7/6/2010 6:38 AM, Karen O'Donoghue wrote: > +1 on the IETF having a privacy policy. > > I am undecided on the best mechanisms to develop, document, and > maintain that policy. I am not... We need to create the Privacy Working Group and it will produce a non-RFC based work product which is the Participation Privacy Compliance Contract with the IETF's participants. There are certain legal issues which the Founders never considered in their design of the IETF which mandate a permanent type document status which is not part of the Standards or Intellectual Property publication list unless it is a specific template for other entities to use, and that would be out of scope for the IETF. What this means is we need a new class of legal framework document which is not a RFC and all of the legal controls which have been mis-implemented as "votable consensus" agreements are properly reduced to policy and boiler plate so that anyone can easily figure out what participation means. That said, why is simply that since a privacy policy is something that needs formal legal vetting and also something that a vote of the officers of the Operating Board should weigh in on meaning that ISOC and not the IETF's IAOC needs to formally ratify this since it is part of the formal Charter Package of the IETF. The privacy policy should be put together by a Working Group (lets call it the PWG) as a non-RFC type operating document. It is not a BCP either, it is a statement of the legal controls pertaining to the privacy of the parties participating in the IETF standards process. Further in regard to the review of that document, since it is the ISOC (and possibly the Trust) who is/are directly liable for damages therein at this time, it is they who must embrace and assert those privacy controls as operating policy. So they should have representation in this special Privacy Working Group. And finally since the privacy controls cannot set aside those laws in the EU and other places embracing strict privacy controls since "it" (the IETF) must be compliant to all of those. Think of it this way - Imaging having for parties in places in the EU implement the Nevada State PCI DSS standards for information security based on those privacy controls for someone collaborating on a submission from both Nevada and another party in say Finland or Denmark for instance. Also realize that a one-size fits all type model will not work because some people cannot contractually sign their right to privacy away and for them a policy of "assignment obfuscating privacy" probably also doesn't work. By the way - since the assignment of intellectual property rights has provable cash money value, this is a real issue and it needs to be dealt with both professionally and in a manner which makes the IETF more transparent and less of a place where the politics of the day drive the contract-controls on participation or use of the IETF intellectual properties. Todd Glassey > > Karen > > On 7/5/10 12:05 PM, Alissa Cooper wrote: >> A few months ago I drew up a strawman proposal for a public-facing >> IETF privacy policy >> (http://www.ietf.org/id/draft-cooper-privacy-policy-00.txt). I've >> submitted an update based on feedback received: >> http://www.ietf.org/id/draft-cooper-privacy-policy-01.txt >> >> In discussing the policy with the IAOC and others, it seems clear >> that the RFC model is probably not the best model for maintaining and >> updating a document like this. It is more likely to fall within the >> scope of the IAOC and/or the Trust. In order for the IAOC to consider >> taking this on and devoting resources to figuring out what its format >> should be, they need to hear from the community that a public-facing >> privacy policy is something that the community wants. So I have two >> requests for those with any interest in this: >> >> 1) Respond on this list if you support the idea of the IETF having a >> privacy policy (a simple "+1" will do). >> >> 2) If you have comments and suggestions about the policy itself, send >> them to this list. >> >> >> Thanks, >> Alissa >> >> >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> Ietf mailing list >> Ietf@ietf.org >> https://www.ietf.org/mailman/listinfo/ietf > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf >
- Re: IETF privacy policy - update Marshall Eubanks
- IETF privacy policy - update Alissa Cooper
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update John C Klensin
- Re: IETF privacy policy - update Dave CROCKER
- Re: IETF privacy policy - update Dave CROCKER
- Re: IETF privacy policy - update SM
- Re: IETF privacy policy - update John C Klensin
- Re: IETF privacy policy - update Eliot Lear
- Re: IETF privacy policy - update Alissa Cooper
- Re: IETF privacy policy - update Eliot Lear
- Re: IETF privacy policy - update Iljitsch van Beijnum
- Re: IETF privacy policy - update Nathaniel Borenstein
- Re: IETF privacy policy - update Karen O'Donoghue
- Re: IETF privacy policy - update Stephan Wenger
- Re: IETF privacy policy - update John C Klensin
- Re: IETF privacy policy - update Alissa Cooper
- Re: IETF privacy policy - update todd glassey
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Bob Hinden
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Ted Hardie
- Re: IETF privacy policy - update joel jaeggli
- Re: IETF privacy policy - update todd glassey
- Re: IETF privacy policy - update Iljitsch van Beijnum
- Re: IETF privacy policy - update Iljitsch van Beijnum
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Iljitsch van Beijnum
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Larry Smith
- Re: IETF privacy policy - update Iljitsch van Beijnum
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update Sam Hartman
- Re: IETF privacy policy - update Ole Jacobsen
- Re: IETF privacy policy - update Paul Hoffman
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update Sam Hartman
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Paul Hoffman
- Re: IETF privacy policy - update joel jaeggli
- Re: IETF privacy policy - update Sam Hartman
- Comments on <draft-cooper-privacy-policy-01.txt> Bob Hinden
- Re: IETF privacy policy - update Alissa Cooper
- Re: IETF privacy policy - update Andrew Sullivan
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Randy Bush
- Re: IETF privacy policy - update Cullen Jennings
- Re: IETF privacy policy - update joel jaeggli
- RE: IETF privacy policy - update Yoav Nir
- Re: IETF privacy policy - update David Morris
- Re: IETF privacy policy - update Arnt Gulbrandsen
- Re: IETF privacy policy - update Henk Uijterwaal
- Re: IETF privacy policy - update Andrew Sullivan
- Re: IETF privacy policy - update joel jaeggli
- Re: IETF privacy policy - update Marshall Eubanks
- Re: IETF privacy policy - update jean-michel bernier de portzamparc
- Re: IETF privacy policy - update Fred Baker
- Re: IETF privacy policy - update Peter Saint-Andre
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update Fred Baker
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update joel jaeggli
- Re: IETF privacy policy - update Fred Baker
- Re: IETF privacy policy - update Melinda Shore
- Re: IETF privacy policy - update Fred Baker
- Re: IETF privacy policy - update Randy Bush
- Re: IETF privacy policy - update Martin Rex
- Re: IETF privacy policy - update GTW
- Re: IETF privacy policy - update Henk Uijterwaal
- Re: IETF privacy policy - update Patrik Fältström
- Re: IETF privacy policy - update Fred Baker
- Re: Comments on <draft-cooper-privacy-policy-01.t… Hannes Tschofenig
- Re: IETF privacy policy - update Ted Hardie
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Hannes Tschofenig
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: IETF privacy policy - update Alissa Cooper
- Re: Comments on <draft-cooper-privacy-policy-01.t… todd glassey
- Re: Comments on <draft-cooper-privacy-policy-01.t… todd glassey
- Re: Comments on <draft-cooper-privacy-policy-01.t… Hannes Tschofenig
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Joel Jaeggli
- Re: Comments on <draft-cooper-privacy-policy-01.t… Hannes Tschofenig
- Re: Comments on <draft-cooper-privacy-policy-01.t… Hannes Tschofenig
- Re: Comments on <draft-cooper-privacy-policy-01.t… Fred Baker
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- RE: IETF privacy policy - update Monique Morrow (mmorrow)
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Donald Eastlake
- Re: Comments on <draft-cooper-privacy-policy-01.t… Joel Jaeggli
- Re: Comments on <draft-cooper-privacy-policy-01.t… Phillip Hallam-Baker
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Fred Baker
- Re: Comments on <draft-cooper-privacy-policy-01.t… Martin Rex
- Re: Comments on <draft-cooper-privacy-policy-01.t… todd glassey
- Re: Comments on <draft-cooper-privacy-policy-01.t… Martin Rex
- Re: Comments on <draft-cooper-privacy-policy-01.t… Joel Jaeggli
- Re: Comments on <draft-cooper-privacy-policy-01.t… todd glassey
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Andrew Sullivan
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… John C Klensin
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: Comments on <draft-cooper-privacy-policy-01.t… Randy Bush
- Re: IETF privacy policy - update Alissa Cooper
- Re: IETF privacy policy - update Paul Hoffman
- Re: Comments on <draft-cooper-privacy-policy-01.t… Alissa Cooper
- Re: Comments on <draft-cooper-privacy-policy-01.t… John C Klensin
- Re: Comments on <draft-cooper-privacy-policy-01.t… John C Klensin
- Re: IETF privacy policy - update Martin Rex
- Re: IETF privacy policy - update todd glassey
- Re: Comments on <draft-cooper-privacy-policy-01.t… Dave CROCKER
- Re: IETF privacy policy - update John Morris
- Re: IETF privacy policy - update Andrew Sullivan
- Re: IETF privacy policy - still a bad idea John Levine
- RE: IETF privacy policy - update Dearlove, Christopher (UK)
- Re: IETF privacy policy - still a bad idea John R. Levine
- Re: IETF privacy policy - still a bad idea Marshall Eubanks
- Re: IETF privacy policy - still a bad idea Dave CROCKER
- Re: IETF privacy policy - still a bad idea Marshall Eubanks
- Re: IETF privacy policy - still a bad idea Dave CROCKER
- Re: IETF privacy policy - still a bad idea Phillip Hallam-Baker
- Re: IETF privacy policy - still a bad idea Phillip Hallam-Baker
- Re: IETF privacy policy - still a bad idea Andrew Sullivan
- Re: IETF privacy policy - still a bad idea Marshall Eubanks
- Re: IETF privacy policy - still a bad idea Andrew Sullivan
- Re: IETF privacy policy - still a bad idea Dave CROCKER
- Re: IETF privacy policy - still a bad idea Andrew Sullivan
- Re: IETF privacy policy - still a bad idea Fred Baker
- Re: IETF privacy policy - still a bad idea Ole Jacobsen
- Re: IETF privacy policy - still a bad idea Dave CROCKER
- Re: IETF privacy policy - still a bad idea Arnt Gulbrandsen
- Re: IETF privacy policy - still a bad idea Marshall Eubanks
- Re: IETF privacy policy - still a bad idea John R. Levine
- Re: IETF privacy policy - still a bad idea Fred Baker
- Re: IETF privacy policy - still a bad idea todd glassey
- What does a privacy policy mean? John R. Levine
- Re: What does a privacy policy mean? Phillip Hallam-Baker