Re: [saag] "Privacy in IETF Protocols" at IETF83
Josh Howlett <Josh.Howlett@ja.net> Fri, 30 March 2012 08:26 UTC
Return-Path: <Josh.Howlett@ja.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B546B21F885D for <saag@ietfa.amsl.com>; Fri, 30 Mar 2012 01:26:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.399
X-Spam-Level:
X-Spam-Status: No, score=-101.399 tagged_above=-999 required=5 tests=[AWL=-1.214, BAYES_40=-0.185, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w5PTNMfK4-vR for <saag@ietfa.amsl.com>; Fri, 30 Mar 2012 01:26:50 -0700 (PDT)
Received: from egw001.ukerna.ac.uk (egw001.ukerna.ac.uk [194.82.140.74]) by ietfa.amsl.com (Postfix) with ESMTP id CAFC721F84F4 for <saag@ietf.org>; Fri, 30 Mar 2012 01:26:49 -0700 (PDT)
Received: from egw001.ukerna.ac.uk (localhost.localdomain [127.0.0.1]) by localhost (Email Security Appliance) with SMTP id 12B851A9AFEE_F756E47B; Fri, 30 Mar 2012 08:26:47 +0000 (GMT)
Received: from EXC001.atlas.ukerna.ac.uk (exc001.atlas.ukerna.ac.uk [193.62.83.37]) by egw001.ukerna.ac.uk (Sophos Email Appliance) with ESMTP id D7D081A9AFEB_F756E46F; Fri, 30 Mar 2012 08:26:46 +0000 (GMT)
Received: from EXC001.atlas.ukerna.ac.uk ([193.62.83.37]) by EXC001 ([193.62.83.37]) with mapi id 14.01.0355.002; Fri, 30 Mar 2012 09:26:46 +0100
From: Josh Howlett <Josh.Howlett@ja.net>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Henry Story <henry.story@bblfish.net>
Thread-Topic: [saag] "Privacy in IETF Protocols" at IETF83
Thread-Index: AQHNDiS34c2W0PLk40y0j8LPtiZnhZaCU5QAgAA+kwA=
Date: Fri, 30 Mar 2012 08:26:46 +0000
Message-ID: <CB9B2FBB.5DA2C%josh.howlett@ja.net>
In-Reply-To: <2EA894F4-EC84-4BC4-BF73-26A0BEF6DE4D@gmx.net>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.14.0.111121
x-originating-ip: [194.82.140.76]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A039747C19DBDF449E54DA67F6794043@ukerna.ac.uk>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] "Privacy in IETF Protocols" at IETF83
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 08:26:50 -0000
Hi Hannes, I agree that this was a really great presentation. There were a couple of things that Ian didn't mention that might be of general interest: * The proposed Data Protection Regulation will apply to non-EU entities offering goods or services to EU-based customers. Such entities are also required to provide an equivalent level of protection to customers in other (non-EU) jurisdictions. * Entities found in breach of the proposed Regulation can be fined up to 2% of annual global turnover * The US government has recently proposed a Consumer Privacy Bill of Rights. One of my colleagues has compared this to the EU regulation; his analysis is at http://webmedia.company.ja.net/edlabblogs/regulatory-developments/2012/03/1 4/us-consumer-privacy-bill-of-rights. >The Internet Architecture Board (IAB) has spent some time thinking about >how to consider privacy in the design of Internet protocols. We tried to >take a structured approach to it. "Privacy by design" is an excellent idea, but the existing directive and proposed regulation are both sufficiently broad that any non-trivial protocol will impose legal obligations on users; there are no technical silver bullets and so we also need to develop smarter solutions at layer 9. Josh. Janet is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG
- [saag] "Privacy in IETF Protocols" at IETF83 Henry Story
- Re: [saag] "Privacy in IETF Protocols" at IETF83 Adam W. Montville
- Re: [saag] "Privacy in IETF Protocols" at IETF83 Hannes Tschofenig
- Re: [saag] "Privacy in IETF Protocols" at IETF83 Josh Howlett
- Re: [saag] "Privacy in IETF Protocols" at IETF83 Hannes Tschofenig