Hello,
At 08:52 03-02-2015, IETF Administrative Director wrote:
The IAOC would like community input on a proposed IETF websites
Privacy Policy.
We are required by California law (and good net citizenship) to have
an accurate
privacy policy on our websites. Counsel have reviewed this
statement for compliance
with US and EU privacy regulations.
[snip]
The IAOC will consider all comments received by 17 February 2015.
Apologies for the late response.
The proposed privacy policy for the IETF web site is four
pages. Most people probably won't read beyond "the Internet
Engineering Task Force (IETF) is committed to protecting
the privacy and security of the personal information of our
participants and of visitors to our site".
What is the meaning of the following:
"You also consent to our using the information to communicate with
you further
about your interaction with the site, programs, and services, hat
IETF may offer
to you, and your relationship with IETF."
"If you provide personal data through this site, you acknowledge
and agree that
such personal data may be transferred from your current location
to the offices
and servers of the IETF and its affiliates, agents, and service
providers located
in the United States and in other countries."
In simple terms the person is agreeing to his/her personal data to be
transferred anywhere in the world and to (unknown) affiliates of the IETF.
"When you interact with the site, we strive to make your experience easy and
meaningful. We may use cookies and other means to track user activity and
collect site data."
The above text about cookies sounds like marketing. I suggest
explaining that the IETF uses cookies for purposes X, Y, etc and list
some information about the cookies for the technically-inclined.
"We offer specific opt-in and opt-out options so if you do not
wish to receive
such mailings, please inform the IETF by email, phone, or postal
mail directed
to the contact information provided at"
Doesn't the IETF use "opt-in" by default?
Regards,
S. Moonesamy