On 2/19/07, Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> wrote:
Mike McGrath wrote: > I've created a first draft of the smolt Privacy Policy. Please note: It > is not a legal document, it's the Infrastructures policy of how we'll be > protecting the information. Instead of having privacy policies per program, it would probably be better to vet the project wide policy drafted at http://fedoraproject.org/wiki/Legal/PrivacyPolicy through the legal team. It has been sitting there for a while now.
I get the sense that you're talking about a privacy policy, Rahul, and maybe Mike is talking more about a privacy architecture or privacy strategy? Just from reading the two documents, it seems they have some overlapping text and goals but are mostly operating at two different levels. Mike, would it make sense to retitle your doc as a privacy strategy or privacy implementation doc, whose goal is to explain how smolt will implement the project privacy policy Rahul pointed at? Calling it a privacy policy seems a little confusing, esp. if there is already a project privacy policy. Making this distinction might also (1) reduce the need for lawyers, who can hopefully focus on validating the requirements in the policy doc, rather than validating the implementation details in smolt (2) help provide a practical test for the overall privacy policy- if there are goals you're setting in the smolt doc, or questions the smolt doc raises, which aren't in the overall policy, this might be a good way to shake those out and get them into the bigger/broader doc. Just a thought- Luis _______________________________________________ fedora-advisory-board mailing list fedora-advisory-board@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-advisory-board
