This entire thread is perfectly illustrative of why the IETF needs a
privacy policy. Without one, it is entirely unclear how the data
collected about IETF participants is used, disclosed and protected,
whether that data is part of an experiment or not. While the
supplemental information about the RFID tagging experiment (http://www.ietf.org/meeting/76/ebluesheet.html
) is helpful, it is not complete (for example, how long the RFID-
captured data is stored in electronic form is not disclosed), and
nothing equivalent exists (to my knowledge) for other kinds of data
about IETF participants, like registration data.
In our protocol development work, many of us try very hard to design
privacy and security features in from the outset, whether we're
designing a highly experimental prototype or a core protocol. The same
should be true for the design of data collection mechanisms and
practices associated with IETF meetings.
Alissa
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf