RE: Proposed IETF Privacy Policy for Review

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ray,

While you talk about non-public mailing lists and give some examples, I think you need to consider other interactions:
- Direct mails to non-list IETF addresses
   - If I email nomcom-chair@xxxxxxxx or chair@xxxxxxxx etc. is my email private?
     Is that data retained within the IETF? If so, how is it held?
- RFC 7776 requires some retention of data in a confidential way (although
   the ombudsteam still needs to document the details)
- There is the usual stuff about contracts and commercial sensitivity. While that
   might not fit in "things you submit to the IETF" it is surely part of the data 
   retention and confidentiality information
- Registration requires or requests us to submit a number of things that are not
   part of the payment system and are (presumably) held on IETF servers. This 
   includes addresses and phone numbers (that may be personal contact
   details), dietary preference (that may be an indication of religion), and 
  information that may be an indication of gender or other personal characteristics
  (T-shirt size/type, gender) . Your draft text appears to say that this is public
  information: I do not think it should be.

Thanks,
Adrian

> -----Original Message-----
> From: IETF-Announce [mailto:ietf-announce-bounces@xxxxxxxx] On Behalf Of
> IETF Administrative Director
> Sent: 16 March 2016 17:03
> To: IETF Announcement List
> Subject: Proposed IETF Privacy Policy for Review
> 
> The IAOC would like community input on a proposed IETF Privacy Policy.
> 
> We are required by California law (and good net citizenship) to have
> an accurate privacy policy on our websites.  Counsel have reviewed
> this statement for compliance with US and EU privacy regulations.
> 
> The policy discusses the following:
>   1.  General – Most Personal Data Submitted to IETF Will Become Public
>   2.  You Consent to International Transmission of Your Data
>   3.  Exceptions – Information That We Do Not Release to the Public
>   4.  Security
>   5.  Children
>   6.  Inquiries
>   7.  Compliance
>   8.  Other Organizations
>   9.  Consent
> 
> The proposed Privacy Policy is located here:
> http://iaoc.ietf.org/documents/IETF-General-Privacy-Statement-2016-02-24-
> 02.htm
> 
> The IAOC will consider all comments received by 31 March 2016.
> 
> Ray Pelletier
> IETF Administrative Director
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]