Hiya, On 27/09/2019 22:39, S Moonesamy wrote: > Hi Roman, > At 04:59 AM 26-09-2019, Roman Danyliw wrote: >> This note provides an update on the web analytics for www.ietf.org >> project. In response to the initial proposal [1], the community >> provided a variety of helpful feedback [2]. The IESG and IETF Tools >> Team reviewed this community feedback and revised the proposal. The >> more significant revisions included an explanation of the current >> analytics systems and associated practices; clarifying the scope and >> enumerating the explicit use cases; identifying the link between the >> collected data and the uses cases; and more clearly stating the >> privacy and security issues and their associated mitigations. > > Thank you for the sharing the next steps. I could not find any > mitigation for the issue mentioned on Page 5 (geolocation of IP > addresses). I unfortunately has to raise a concern about this > IESG-endorsed tracking plan as I am not comfortable about having someone > else within the IETF tracking what I read on the IETF web site. Yes, tracking what and when becomes possible. I'm also unhappy with that. Is there no way to ensure that addresses and geolocated regions are sufficiently aggregated so as to not identify individuals? /16's and countries are not sufficient for all IETFers. I'm sure someone who reads this list would have a fair chance at (re-)identifying various individuals based on time, /16 or /48, and URL. Cheers, S. PS: I partly ask in the hope we can provide a good example of how a little more effort can help a lot. > > Regards, > S. Moonesamy >
Attachment:
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
