Hi Alissa,
At 08:04 01-09-2009, Alissa Cooper wrote:
This entire thread is perfectly illustrative of why the IETF needs a
privacy policy. Without one, it is entirely unclear how the data
collected about IETF participants is used, disclosed and protected,
whether that data is part of an experiment or not. While the
supplemental information about the RFID tagging experiment
(http://www.ietf.org/meeting/76/ebluesheet.html ) is helpful, it is
not complete (for example, how long the RFID- captured data is
stored in electronic form is not disclosed), and
nothing equivalent exists (to my knowledge) for other kinds of data
about IETF participants, like registration data.
From the above webpage:
- The data will be printed and archived along with the paper blue sheets
- The data will NOT be distributed to anyone other than the IAOC, IAD,
the Secretariat and the host team that is organizing and supporting
this experiment
- The data will be available for use if subpoenaed
It summarizes the use of the data after the meeting. There is
already a retention policy document and it may contain the answer to
your question.
I don't have any concerns about this experiment.
In our protocol development work, many of us try very hard to design
privacy and security features in from the outset, whether we're
designing a highly experimental prototype or a core protocol. The same
should be true for the design of data collection mechanisms and
practices associated with IETF meetings.
You asked a similar question about a privacy policy a few weeks
ago. As we talking about IETF meetings, the question can be viewed
from a different angle. One of the goals of the Internet Standards
Process is openness and fairness. Participation in the IETF is open,
i.e. anyone can join in. We can already find out who are the
"contributors" in a Working Group as there are open discussions on
the relevant mailing list and there is a publicly accessible archive
of the discussions. The Working Group sessions (at a meeting) are
not that different.
Everything a person says in a Working Group session is not
private. For the process to be transparent, the list of individuals
that are there also should not be considered as private. In
practice, the IETF offers you a some leeway. Nobody will coerce you
to sign the attendance list. If you are going to the mic, you do
have to identify yourself. If you have any other concerns, please
read the messages posted by Doug Ewell and Tony Hain on this thread
on how to restrict what information is collected about you.
A list of session attendees is useful for:
(a) capacity planning (size of the meeting room to accommodate the
number of participants)
(b) catering
(c) session scheduling
(d) cross-area participation
The Area Directors and Working Group Chairs might have a rough idea
about item (d). The IETF can gain a better view of (d) if the
information is collected in electronic form.
I'll comment on Steve Crocker's questions:
(i) Do we need access controls on the information?
If the electronic process mimics existing practices, it is easier to
publish the information. That is already done for the meeting
attendees list. Note that this model may not be appropriate for
other organizations.
(ii) Do we need an ability to edit information that's been collected
if it's inaccurate?
The meeting registration form has a field for the "Name to appear on
badge". That can be used throughout the meeting. The Working Group
attendance collected during the session can be verified by the
participants in the room. Set up a procedure where they can contact
the IETF Secretariat to correct any errors they find.
(iii) Do we need more flexibility in the information stored in the
record, e.g. a distinct email address for each working group?
Some people prefer not to provide an email address (see bluesheet
"spam" discussions over the last few years). Some people may be
using a distinct email address for each working group for ease of
sorting or filtering. Provide the ability for the participant to
edit the email address. It is better not to publish these email
addresses to avoid rehashing the "spam" discussions.
At 07:10 01-09-2009, Dave CROCKER wrote:
An important datum in human studies is how humans react to
things. Taking such
a dismissive stance towards reactions to the RFID announcement ensures missing
important information about acceptability to the target population.
Agreed. It is useful to know how many participants opted out of the
experiment and why they did so. For example, was it because there
was a misunderstanding about how the experiment works or what
information is collected? It is better to address this informally
instead of having a form asking the person why they are opting out.
I avoided the question of proximity tracking and the time the
participant spends in a session as my comments on items (i) to (iii)
would be different then.
Regards,
-sm
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf