Re: Proposed IETF Privacy Policy for Review

"Scott O. Bradner" <sob@sobco.com> Wed, 16 March 2016 17:59 UTC

Return-Path: <sob@sobco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5356512D52D for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:59:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.109
X-Spam-Level:
X-Spam-Status: No, score=-1.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G1au1iHq4A-F for <ietf@ietfa.amsl.com>; Wed, 16 Mar 2016 10:59:30 -0700 (PDT)
Received: from sobco.sobco.com (unknown [136.248.127.164]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2EADE12D74B for <ietf@ietf.org>; Wed, 16 Mar 2016 10:59:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by sobco.sobco.com (Postfix) with ESMTP id 1A99B18DBF54; Wed, 16 Mar 2016 13:59:26 -0400 (EDT)
X-Virus-Scanned: amavisd-new at sobco.com
Received: from sobco.sobco.com ([127.0.0.1]) by localhost (sobco.sobco.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dCfDxAOAip2q; Wed, 16 Mar 2016 13:59:25 -0400 (EDT)
Received: from [10.251.213.114] (unknown [65.112.10.212]) by sobco.sobco.com (Postfix) with ESMTPSA id 1B2B018DBF45; Wed, 16 Mar 2016 13:59:25 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (1.0)
Subject: Re: Proposed IETF Privacy Policy for Review
From: "Scott O. Bradner" <sob@sobco.com>
X-Mailer: iPhone Mail (13D15)
In-Reply-To: <A0A26571-7E05-4A8F-AC90-5297E532D10D@consulintel.es>
Date: Wed, 16 Mar 2016 13:59:24 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <2C7202B9-A9E9-42DD-8DD4-FFCD64D053D4@sobco.com>
References: <20160316170239.30920.41218.idtracker@ietfa.amsl.com> <91DA3B2D-94A0-41CD-87D1-6D5931E59175@consulintel.es> <17115C4E-37ED-456E-8CFA-17D12F5628EE@sobco.com> <A0A26571-7E05-4A8F-AC90-5297E532D10D@consulintel.es>
To: jordi.palet@consulintel.es
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/zjgMXwHqaf4VgvViFJksjn1ajAE>
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2016 17:59:32 -0000

I agree

Scott


Sent from my iPhone

> On Mar 16, 2016, at 1:36 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
> 
> Hi Scott,
> 
> I understand that, but I think we must have, for clarity, also a sentence that states that, and not just for non-public, but also public information to third parties. Something like “IETF doesn’t provide to third parties any personal data”.
> 
> May be is already somewhere in our actual web sites, if not I think must be included somehow in this privacy policy section.
> 
> Regards,
> Jordi
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -----Mensaje original-----
> De: Scott Bradner <sob@sobco.com>
> Responder a: <sob@sobco.com>
> Fecha: miércoles, 16 de marzo de 2016, 18:24
> Para: Jordi Palet Martinez <jordi.palet@consulintel.es>
> CC: <ietf@ietf.org>
> Asunto: Re: Proposed IETF Privacy Policy for Review
> 
>> 
>> the IETF does not provide non-public information to anyone outside of the IETF/ISOC for any marketing
>> (or other) purpose (but ISOC may contact some people to see if they would be interested in hosting or being
>> a sponsor of a future meeting) 
>> 
>> but, even if we clearly say “we never do that” we still need to have the section since 
>> California law says that we need to have such an ability for people to ask  (its also the kind of thing that the EU
>> wants to see)
>> 
>> 
>> 
>> Scott
>> 
>>> On Mar 16, 2016, at 1:15 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
>>> 
>>> I’m very surprised about this:
>>> 
>>> Inquiries
>>> If you would like to request information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please email your request to privacy@ietf.org and we will provide this information free of charge. This information includes a list of the categories of Personal Data that was shared with third parties for direct marketing purposes and the names and addresses of all third parties with which we shared such information in the immediately preceding calendar year.
>>> 
>>> Unless I’m missing something, I don’t think the IETF must provide any personal data to third parties, so my suggestions is that this sections needs to be rewritten to reflect that.
>>> 
>>> 
>>> Regards,
>>> Jordi
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> -----Mensaje original-----
>>> De: IETF-Announce <ietf-announce-bounces@ietf.org> en nombre de IETF Administrative Director <iad@ietf.org>
>>> Responder a: <ietf@ietf.org>rg>, <iaoc@ietf.org>
>>> Fecha: miércoles, 16 de marzo de 2016, 18:02
>>> Para: IETF Announcement List <ietf-announce@ietf.org>
>>> Asunto: Proposed IETF Privacy Policy for Review
>>> 
>>>> The IAOC would like community input on a proposed IETF Privacy Policy.
>>>> 
>>>> We are required by California law (and good net citizenship) to have
>>>> an accurate privacy policy on our websites.  Counsel have reviewed
>>>> this statement for compliance with US and EU privacy regulations.  
>>>> 
>>>> The policy discusses the following:
>>>> 1.  General – Most Personal Data Submitted to IETF Will Become Public
>>>> 2.  You Consent to International Transmission of Your Data
>>>> 3.  Exceptions – Information That We Do Not Release to the Public
>>>> 4.  Security
>>>> 5.  Children
>>>> 6.  Inquiries
>>>> 7.  Compliance
>>>> 8.  Other Organizations
>>>> 9.  Consent
>>>> 
>>>> The proposed Privacy Policy is located here:
>>>> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-02.htm
>>>> 
>>>> The IAOC will consider all comments received by 31 March 2016.
>>>> 
>>>> Ray Pelletier
>>>> IETF Administrative Director
> 
>