Re: Proposed IETF Privacy Policy for Review

["Scott O. Bradner" <sob@sobco.com>]

I agree

Scott


Sent from my iPhone

> On Mar 16, 2016, at 1:36 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
> 
> Hi Scott,
> 
> I understand that, but I think we must have, for clarity, also a sentence that states that, and not just for non-public, but also public information to third parties. Something like “IETF doesn’t provide to third parties any personal data”.
> 
> May be is already somewhere in our actual web sites, if not I think must be included somehow in this privacy policy section.
> 
> Regards,
> Jordi
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -----Mensaje original-----
> De: Scott Bradner <sob@sobco.com>
> Responder a: <sob@sobco.com>
> Fecha: miércoles, 16 de marzo de 2016, 18:24
> Para: Jordi Palet Martinez <jordi.palet@consulintel.es>
> CC: <ietf@ietf.org>
> Asunto: Re: Proposed IETF Privacy Policy for Review
> 
>> 
>> the IETF does not provide non-public information to anyone outside of the IETF/ISOC for any marketing
>> (or other) purpose (but ISOC may contact some people to see if they would be interested in hosting or being
>> a sponsor of a future meeting) 
>> 
>> but, even if we clearly say “we never do that” we still need to have the section since 
>> California law says that we need to have such an ability for people to ask  (its also the kind of thing that the EU
>> wants to see)
>> 
>> 
>> 
>> Scott
>> 
>>> On Mar 16, 2016, at 1:15 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
>>> 
>>> I’m very surprised about this:
>>> 
>>> Inquiries
>>> If you would like to request information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please email your request to privacy@ietf.org and we will provide this information free of charge. This information includes a list of the categories of Personal Data that was shared with third parties for direct marketing purposes and the names and addresses of all third parties with which we shared such information in the immediately preceding calendar year.
>>> 
>>> Unless I’m missing something, I don’t think the IETF must provide any personal data to third parties, so my suggestions is that this sections needs to be rewritten to reflect that.
>>> 
>>> 
>>> Regards,
>>> Jordi
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> -----Mensaje original-----
>>> De: IETF-Announce <ietf-announce-bounces@ietf.org> en nombre de IETF Administrative Director <iad@ietf.org>
>>> Responder a: <ietf@ietf.org>, <iaoc@ietf.org>
>>> Fecha: miércoles, 16 de marzo de 2016, 18:02
>>> Para: IETF Announcement List <ietf-announce@ietf.org>
>>> Asunto: Proposed IETF Privacy Policy for Review
>>> 
>>>> The IAOC would like community input on a proposed IETF Privacy Policy.
>>>> 
>>>> We are required by California law (and good net citizenship) to have
>>>> an accurate privacy policy on our websites.  Counsel have reviewed
>>>> this statement for compliance with US and EU privacy regulations.  
>>>> 
>>>> The policy discusses the following:
>>>> 1.  General – Most Personal Data Submitted to IETF Will Become Public
>>>> 2.  You Consent to International Transmission of Your Data
>>>> 3.  Exceptions – Information That We Do Not Release to the Public
>>>> 4.  Security
>>>> 5.  Children
>>>> 6.  Inquiries
>>>> 7.  Compliance
>>>> 8.  Other Organizations
>>>> 9.  Consent
>>>> 
>>>> The proposed Privacy Policy is located here:
>>>> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-02.htm
>>>> 
>>>> The IAOC will consider all comments received by 31 March 2016.
>>>> 
>>>> Ray Pelletier
>>>> IETF Administrative Director
> 
>