Hi all, > > 8. Privacy Considerations > > > > This note reveals no personally identifying information apart from > > its authorship. > > > > SB> This is true, but does spawn the question of whether privacy should > > be a meeting location selection criteria? > > Any actionable criterion that I can conceive of to address this would likely render > our already tiny set of acceptable locations to roughly zero. If you have a proposal > that would do otherwise, feel free to suggest it. In the spirit of Privacy Considerations for protocol specs we should not necessarily be looking to resolve all privacy concerns, but we should be looking to expose them so that participants can be aware of the risks and can mitigate them or choose to not participate. I would certainly agree that we are unlikely to find a nation stat that perfectly respects personal and online privacy, but that need not be the objective. Nor need it be a requirement that the IAOC report on the privacy of a venue when announcing it. On the other hand, I bet we would all agree that a venue that assigned a government official to accompany us at all times listening to our conversations and noting our sleeping habits would rule itself out. So there are lines :-) But what this section should say is something like... == Physical and remote participants at IETF meetings should be aware that privacy norms vary considerably from country to country. Participants with a concern for their personal or work-related privacy are advised to familiarise themselves with the privacy risks associated with a venue before attending. Concerns may include privacy of Internet communications, record of having travelled, and freedom of association. Some people may have particular concern for the privacy of information stored on electronic devices when they cross specific national borders. Participants are responsible for taking their own measures in mitigation. In general, the meeting selection process will not take privacy concerns into consideration and will not seek to report on them to the community for any chosen venue. However, it is expected that the selection process will exclude venues where privacy of attendees is known to be particularly at risk. Such exclusions might include (although not be limited to) venues where attendees cannot use VPNs or other security mechanisms to access their home networks and the Internet in general. == ...I'm not wedded to that - I only had 4 hours sleep :-) Adrian