On 7/7/2010 8:46 AM, Marshall Eubanks wrote:
Having a privacy policy in place does two primary things IMO. It helps to inform and set policy and it gives others a metric to evaluate performance and a tool to improve performance. It also may have the useful effect of finding holes or inconsistencies in what we are doing, as it is reviewed and revised as technology and conditions change.
On its face, this line of thinking might appear to justify something that is explicitly toothless and, by implication, useless. In fact, there's plenty of precedence in the world for having formal clarity about a policy but without realistic enforcement power. A common example is non-disclosure agreements. Although they usually contain language that sounds like there is serious recourse, in practice there isn't. Rather, the document serves as an explicit statement of concerns and an acknowledgement by the signers that the concerns are understood. Frequently, just having the issues stated clearly and brought to a participant's attention is enough to get improved behavior. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf