Some comments: - "Parties" is a horribly legalistic term (esp. given that the IETF isn't a legal thing really), I'd much prefer less legalistic terms be used - "home address" huh? How do you know where people live? I think you mean any address supplied, but then in fact we don't make that public that I recall - what's up there? - "mailing list managed by the Parties" some WG lists are not thusly managed still, are all bets off for those? I've also managed some lists (e.g. TPC lists for IAB workshops) that'd not clearly fit under here but maybe should. - "We do not make such information available to the public." huh? Shouldn't we be saying something to the effect that we'll not share that with anyone unless we're forced to? (Including CF in "forced" as far as that applies.) Ah, you do say that later, maybe try a forward reference or align these better. - "flash cookies, local storage" should be examples as they'll be (or already are) outmoded (e.g indexeddb is the new local storage or was last I looked;-) - "not intended for use by children under 13" - we don't care, why not say that instead of trying to avoid some non-existent liability (which is how it looks) - maybe s/intended for/aimed at/ would be better? (The rest of the para is fine) - compliance - can we have a warrant canary? If not, why not? I think I asked about this before (not 100% sure if that was public or just chatting with someone) - I'm also quite surprised there's nothing that has to be said about CF here - does that mean that they do not engage in anything that'd violate this practice with data/traffic related to IETFers? (I may also have asked about that too:-) Thanks, S. On 23/02/17 23:27, IETF Administrative Director wrote: > The IAOC would like community input on a proposed IETF Statement > Concerning Personal Data. > > The policy discusses the following: > 1. General – Most Personal Data Submitted to the Parties Will Become Public > 2. You Consent to International Transmission of Your Data > 3. Exceptions – Information That We Do Not Release to the Public > 4. Security > 5. Children > 6. Inquiries > 7. Compliance > 8. Other Organizations > 9. Links to other sites. > 10. Consent > > The proposed Privacy Policy is located here: > https://iaoc.ietf.org/documents/Privacy-Statement-23Feb17.htm > > The previous policy was posted for community review on 24 February > 2016. This new version reflects input received during that community > review and a diff file reflecting the changes since that version is > located here: > > https://iaoc.ietf.org/documents/Diff-Privacy-2016-02-24-02-Privacy-23Feb17.pdf > > The IAOC will consider all comments received by 9 March 2017. > > Ray Pelletier > IETF Administrative Director > >
Attachment:
signature.asc
Description: OpenPGP digital signature