Re: [netmod] GDPR and private data
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Wed, 26 May 2021 11:44 UTC
Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BD443A2B86 for <netmod@ietfa.amsl.com>; Wed, 26 May 2021 04:44:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LuXfScVO4vpQ for <netmod@ietfa.amsl.com>; Wed, 26 May 2021 04:44:15 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140072.outbound.protection.outlook.com [40.107.14.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 284E43A2B8A for <netmod@ietf.org>; Wed, 26 May 2021 04:44:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ab9IR0wfae0nZ8wPm119ljsmFyV58In2ynA7T+DJIUXf+5jWTr5fGuUnC+/zgKWZaJ5yKpJjo+EUQELr2MSWZMall6OVS8a4fBmEcUIdCkW6/Lcx8EbHzskJvkZ5UAMpYPMe8vq2ody+5oOCc+eV2FaYQoG8fEyF40zsIaox2T6mCl+M1NzALqhPQLzRtG5O5Y+fLLYLKYn6MA141Ij2n8J9n5JgreQdX4o/FMttDJsIq1ciZZr1hCP+niEXaJiAROzY56vOniKQ0NTKFmeroeaCptpOfO41WKm84cTb2N1Azx2/Ekm+DNqqlo97wDOfsv6zSpo+IO/DHtHiPtZKVQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oMy5AEFcOEwosSGOpRa7MGZ14TLlKjv5wUquIdjbAYs=; b=U7sr2IaKTAHdbo1UjcWfkTrRlQzfe++lCzRXs1ol3RP5oKVUOtRRMiuUma3oxxcP75VabbjhDliMCHWdS4uUt2qE0uU/4evKpesLvH/1LFNG6OsPSJ10ZgKpVxpbUXjOxW5Mb9tE+6QF+JKIX55TkrrKl1L8+N2w3+R2PViBmdjGrwLLiM1aZyiTw9csBswL/NSgNjiqtXgAmK/qPDnMt6uhFGwR3zehGnGXDHifGJiDQrlZm7jvtlZEJSOifCozoW65x1BmRkSeBeSNUPAkOQK865dBTJWb2wUXAkcIYquwH4RzFARLlYFf6qits1e7RwEPL4FYWpmoipZJuscb+w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oMy5AEFcOEwosSGOpRa7MGZ14TLlKjv5wUquIdjbAYs=; b=IdtKVfRBzzPReszgCPz6iveTt6jhUMGXRDyzQWcN1MaM+MoggHXFUmyfAEPbTy/vFbrOSygLTLZ47drQEHua9SibCfeNEBIJA3m98sRpjPVIF0mPY4Evjy1Dyc+I6x6FCsCoAZqZBgCsg6EuVv+Ttz4hhVFtR1VAmZz6bMk2iwI=
Authentication-Results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=jacobs-university.de;
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23) by AM9P190MB1186.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:263::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.20; Wed, 26 May 2021 11:44:09 +0000
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::fd93:9b33:ac92:ea58]) by AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::fd93:9b33:ac92:ea58%8]) with mapi id 15.20.4173.021; Wed, 26 May 2021 11:44:09 +0000
Date: Wed, 26 May 2021 13:44:05 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Balázs Lengyel <balazs.lengyel=40ericsson.com@dmarc.ietf.org>
Cc: "'netmod@ietf.org'" <netmod@ietf.org>
Message-ID: <20210526114405.pmddlhymwq4ygmvt@anna.jacobs.jacobs-university.de>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Balázs Lengyel <balazs.lengyel=40ericsson.com@dmarc.ietf.org>, "'netmod@ietf.org'" <netmod@ietf.org>
References: <AM8PR07MB8230C7C05FA2FDB5475234A2F0249@AM8PR07MB8230.eurprd07.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <AM8PR07MB8230C7C05FA2FDB5475234A2F0249@AM8PR07MB8230.eurprd07.prod.outlook.com>
X-Originating-IP: [212.201.44.244]
X-ClientProxiedBy: FR3P281CA0063.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:4b::13) To AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from localhost (212.201.44.244) by FR3P281CA0063.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:4b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.11 via Frontend Transport; Wed, 26 May 2021 11:44:09 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: bc353f0d-29cb-4519-3c4b-08d9203b934a
X-MS-TrafficTypeDiagnostic: AM9P190MB1186:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: <AM9P190MB1186FEF5E131961E14F603A0DE249@AM9P190MB1186.EURP190.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: IS7vzIIyGo3i1IXrMeVFoeoucnpUHF132+ufUFBVogo+y9OkR8jvrOou0gmHnF0c0e3avAmn9XdFdMTtPZy6zd1SWumEee//UkrYmAPKQui9SVStxAIZ/MsDDsQ9789F16+QEB4yiAPRZR8uzYgWF78pq2k72zYQLnh2ucBwtNg3r38A2I2zIA8gY/aDwCGxVTgiuYjq/2SrrpToREqfmzbGFKUZqu6xb1cHibd2WzlQPEGWVugs6ACc2O/j3YUez3XHIRuhC49vCoDjuZxpxzxrEF258bEvHn2K6Cz+/OxjW9uXgUecF7eEnJhFc0vO3kQgkxMGxc63+HPsTJv92Z3WP1LXc/QmctCbJqMcbrlCKmWItvocetdxJyslYKBXWrvIcZ7hKXH4QYIsBDryco5qYisMAs9xzjpTbp10P/YpksRzp0CmLJWJb0X/bCF6sLhxp8KITN1DCuTzdBzsqnurIfHCBTpnSMA3BWBuodBx1wjFxgSl9mjIzVaNYFi77p9VLEwqEDAhaADJQSli2GpPH+rmqhd0jkumPsg7jZUvmxJjCiHP4mDybLD/pCrqESTiqVx04Ix8TukjfUl2Gf6v0ZytJYutftsu+EV2mYCMK2xlEPAh+L1o/VgxGoTvpVRVfskSmtFyU93KW1zQCyGI9DQmlxSSHb7gQjpI7zLv1LpumW/umwQw4qiFUo84ZPjPJKpikJ8Hnoq6HQPOKag5gM3CmqrbIwr6Rx2fIJS9B9Q74dwkigtcqnVfdGhrNei6ijI+Q4/vfpxiEk7zhA==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0P190MB0641.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(346002)(136003)(396003)(376002)(39840400004)(366004)(16526019)(316002)(786003)(186003)(66946007)(66476007)(26005)(3450700001)(8936002)(1076003)(66556008)(2906002)(956004)(4326008)(6496006)(5660300002)(8676002)(38350700002)(52116002)(38100700002)(6486002)(86362001)(6666004)(83380400001)(966005)(478600001)(66574015); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: Piwt05WzomfgY9MA4hBvdX1jPjNkEkgZepkJajNedYvpjpQ9v6iW4zBWi9hEqhZh597oo4tmuTAJypGHAmYqKmFqsfl0v7biBqvpGPY8S538GAOSzQ3AsQfQe71SU97ul4iLSF6HGfVlObEyv20fRq/hkCcOHIR6NtkJvRF0FKmNEtjurst4uBq9oAKtjgzjbHBEsBg5EQ0ywP9ILF1y3+veBERDO6so+VenN8MbvUQEWIvWCoGBI6vgWnuIViSdi81PDhduTeclD724ToYBX1j0V5+JUA77hIFmZkGpXD6ODh96yBFg8czPy3v6pQCr3M3nhsyEUTrEpPkH+moYV7EEIzEGWYFFCaLLj6Bv+B3qTXB3h7Hcy69hX2LOleLDIfHHEVnxfgmZ1GfF6/dif5TMCJ3OxXEytcH5pRYQ8diKWJb5aa67RPhixG0c3SNTpn1brpZkfX3TaCcVXVCJrgoCLwDDrB+5JUQVUwuGbfT+e+/8jtW6iqySlqamDRCEoXJeMSPzbZeMUUge4A/E/ZINoQV8hNtn5iV+fsdCjiRZmLA7uckqOj6g4K3fC/637FnGS/7+ZBZwkjbiu2EB3oS7gcEzeIMtuQcdczH2IRKIu7t7FsqaPs1EEGD3AU6rrsTau1q1dT6En8kCuY9qufKi0N+w2Bp5Xj72xTyOd6RmVunrbtPRkoo2Xm+FuLtOiTEV7hBuGWLP7TpqkewDrncG8KUieeH43Ov585rnYR+fufRoTHCCIoq8sMBMDc/JJ9YgOqvZBzAy4zTpKYRv1Paf+vp1Z/q6fC2k65gxxiSemr8M3TDhfGltqxaumK6lw4ukncxHYRPQfZNzPosHCvM0IlJsoaEr9Mn6F6jnzmRX9ljXWamg6If5p0OkobRpaXD1uCI2gUyhWXSiQudvHadTLEOYQkr4q9gKEAYkW9JqrgWUqh3sgoDyqPOz1zbOfqinyFOchXU4gY3YcWRqJSo0tkAZlryTGizgocePfqal7/lvOKQ4vzCD+MEaMfQNulaAFFLe16VqmMpy5P6rR8hpbLAjSkm2A4w+IQ0DyaGSojiIdMdBsJtoNC1wdvBufs4QbFQYV20J+rn6v0ERkh8T4vvYY9fC9rvcJV3A1UQErjCMXHjvv2fWN5CaYO642WQnr7JxJoceyJScoLJGjDaA6JUP2b0FfwxZ2AV+0r5RmvkuGQsk4RG47R2d3DSD9smTw4qTazDEJ+dI88HtWz7P2MypHkOsasQofxJTxhsM8mxZHGev5XS/IZ4Io6apnh/bbDSKsSeRLpEgE0zLlE7hwy80QE4EG/5QOCiH9gWfi1Fq+zefTZbWU8UmImsl
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: bc353f0d-29cb-4519-3c4b-08d9203b934a
X-MS-Exchange-CrossTenant-AuthSource: AM0P190MB0641.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 May 2021 11:44:09.7404 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 1S4kUVC6Pagt/rJyOx6FzkcXTsAbOruuFMUevJ9wRqG6Cynug/zswxMbfcOCdWFJrrBcByM6DvtAa4TVLpqk2plfmxEpPvPkePafJ4c+xnc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P190MB1186
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/kIO_qwJ-_70PfQfkJANbbyMI35E>
Subject: Re: [netmod] GDPR and private data
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 May 2021 11:44:20 -0000
GDPR uses the term 'personal data' and I assume for many leafs in a
data model the answer whether a leaf is 'personal data' is not simple
to answer given that also data items belong to 'personal data' if they
combined with other information can identify a natural person.
For example, is an IPv6 prefix 'personal data'? Well, it depends...
‘personal data’ means any information relating to an identified or
identifiable natural person (‘data subject’); an identifiable
natural person is one who can be identified, directly or indirectly,
in particular by reference to an identifier such as a name, an
identification number, location data, an online identifier or to one
or more factors specific to the physical, physiological, genetic,
mental, economic, cultural or social identity of that natural
person;
Another possible question is whether the act of tagging (or not
tagging) leafs in a data model has a legal liability component at the
if the processing of data depends on such tags. Well, that surely
depends on what the presence of such a tag implies, does such a tag
control access to data on a NC/RC server (nacm:default-deny-all), does
it control storage of data outside a NC/RC server, does it control
processing of data outside a NC/RC server?
What you need I think are context (deployment) specific tags, static
data model tags likely only work for the (obvious) trivial cases and
may mislead people to be GDPR compliant while they are not.
/js
On Wed, May 26, 2021 at 09:49:32AM +0000, Balázs Lengyel wrote:
> Hello,
>
> Netconf/Restconf can transfer a lot of data. Some of this data can be
> personal/private like end-user names, personal phone records, street
> addresses. Is there a way to marks such data as private? I am thinking about
> something like putting a YANG extension in the data models:
>
>
>
> extension private-data {
>
> description
>
> "Indicates that a leaf or leaf-list contains private data.
>
> argument privacy-type;
>
> }
>
>
>
> Is there any standard solution for this or any proposal ? In the world of
> GDPR we should be thinking about this.
>
>
>
> Regards Balazs
>
>
>
> --
>
> Balazs Lengyel Senior Specialist
> Ericsson Hungary Ltd.
>
> Mobile: +36-70-330-7909 email: Balazs.Lengyel@ericsson.com
>
>
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <https://www.jacobs-university.de/>
- [netmod] GDPR and private data Balázs Lengyel
- Re: [netmod] GDPR and private data Carsten Bormann
- Re: [netmod] GDPR and private data Balázs Lengyel
- Re: [netmod] GDPR and private data Juergen Schoenwaelder
- Re: [netmod] GDPR and private data Robert Varga