On 21/05/2019 16:17, Roman Danyliw wrote: > The IESG appreciates any input from the community on this proposal > and will consider all input received by June 4, 2019. More tracking;-( I don't think this is particularly harmful though and do accept that people are trying to do the right thing, but I'd argue to not bother with it myself. Assuming you do go ahead with it: - 13 months seems like a long time to keep logs. What will be in those logs? Why 13 months? - I don't understand what IP address anonymisation is planned. [1] has options, and doesn't explain what happens with IPv6. - I'd prefer if information was deleted as soon as possible, and it's not clear to me that that is the plan. - Do the IESG plan to evaluate the utility of this with the possibility to ditch it if it doesn't in fact tell us something useful? If so, when? How will you decide if it's worth keeping? - Will this new information be shared with anyone else (e.g. ISOC as allowed for in [2]). - Does this constitute tracking behaviour? The current privacy policy [2] says we don't do that. - To whom should I send my GDPR subject data access request? I guess privacy@xxxxxxxx is it? There's no rush in getting answers to the above btw. Thanks, S. [1] https://matomo.org/docs/privacy/#step-1-automatically-anonymize-visitor-ips [2] https://www.ietf.org/privacy-statement/ > > Regards, Roman (as the IESG Tools Liaison) > >
Attachment:
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
