Re: Proposed IETF Privacy Policy for Review

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Scott,

I agree with the other comments made and echo folks' thanks
for putting this out to review and for being willing to
iterate on it.

In addition:

- Was the concept of a warrant canary [1] or transparency
report [2] considered? Those are good things (tm) and it'd
be good for the IETF to be part of the leading edge on such
things I think. So I'd recommend that we do some such thing
in addition to this.

   [1] https://en.wikipedia.org/wiki/Warrant_canary
   [2] https://en.wikipedia.org/wiki/Transparency_report

- "disclosure of your Personal Data to third parties" I want
to strongly re-iterate that selling (or so-called "monetizing")
IETF participant data is something that should be anathema to
us (and the partners we choose) and I'd hope that the strongest
possible wording is used to say we won't be doing that. If any
current or future partner would have an issue with that, then I
think that needs to be disclosed to all IETF participants, so
it'd be good if this policy said that a public announcement is
required if any partner or service provider is (ab)using our
data in any such manner.

I'd also suggest that whoever is working on the next iteration
of this in response to comments would be wise to pass the text
by some of the folks who've commented in this thread. I think
there are likely some wording nits that might be better fixed
in that way before the next revision is sent to ietf-announce.

Cheers,
S.

<<attachment: smime.p7s>>


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]