Responses to questions about the new IETF privacy statement

"John R Levine" <johnl@taugh.com> Thu, 19 October 2017 22:08 UTC

Date: Thu, 19 Oct 2017 18:08:28 -0400
Message-ID: <alpine.OSX.2.21.1710191805520.71205@ary.qy>
From: John R Levine <johnl@taugh.com>
To: IETF general list <ietf@ietf.org>
Subject: Responses to questions about the new IETF privacy statement
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/uBm_WSt8jITDDaqnfXGe_B7AxvU>

The IAOC published a new privacy statement last month, which is now available at
https://iaoc.ietf.org/documents/IETFPrivacyStatement2017-07-12.pdf

We got a few questions on the draft version.

Some questions were about criminal subpoenas.  In the entire history of 
the IETF, we have received only one criminal subpoena, as opposed to the 
many civil subpoenas and requests we get for document authentication. 
The policy has language saying that we will respond if required, in the 
unlikely event that we get another criminal subpoena.

There were also questions about the section about children.  We do not 
want to be subject to COPPA, a US law which has detailed rules for sites 
intended for children. The COPPA record keeping requirements are so 
onerous that it would not be practical for us to try to implement them. 
COPPA is only about personally identifiable information, hence anyone of 
any age can look at anything, but we won't knowingly let children under 13 
do things that provide PII, such as sign up to mailing lists or a 
datatracker account. Our COPPA language is similar to that on most other 
interactive web sites not targeted at children.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly