Thanks Fred, The draft must include your questions, so that it can become a clear initial-BCP, or a clear plan draft. IMHO, the initial-BCP draft is not clear or not direct if it does not mention your questions, AB On 1/14/14, Fred Baker (fred) <fred@xxxxxxxxx> wrote: > > On Jan 13, 2014, at 11:28 AM, Stephen Farrell <stephen.farrell@xxxxxxxxx> > wrote: > >> It means >> that, if asked, there needs to be a good answer to the question "is >> pervasive monitoring relevant to this work and if so how has it been >> considered?" > > Just a thought - that might be a good question to add to the shepherd's > report. > > In that case, I might suggest a minor change, however. We discuss "Pervasive > monitoring" in a "big brother is watching" sense, and (at least in perpass) > concern ourselves with data that could have been hidden had encryption or > some other code used. I'll argue that, however dreadful Big Brother might > be, location-based services can be a lot scarier. > > http://online.wsj.com/news/articles/SB10001424052702303453004579290632128929194?mg=reno64-wsj&url=http%3A%2F%2Fonline.wsj.com%2Farticle%2FSB10001424052702303453004579290632128929194.html > > Data point: a lot of these operate without specific knowledge of an > individual, but can. For example, the article talks a lot about aggregating > information and providing it without identifying information. However, it > goes on to say that if someone logs into a service using, for example, a > Facebook identifier, they can remain identified to the system as they wander > around in it. The messages themselves contain no identifying information per > se, but they contain information that can be correlated back to that login. > And the login wasn't "data in flight", it was "creating state with a service > at rest". > > So the question in the shepherd's report should not be "tell me you thought > about the EU Data Retention Initiative and whether your protocol's data > identifies an individual". It should be "what personal, equipment, or > session identifiers, encrypted or otherwise, are carried in your protocol? > How might they be correlated with offline data or otherwise used to infer > the identity or behavior of an individual?" >