Hi Stephen,
At 03:11 PM 27-09-2019, Stephen Farrell wrote:
Yes, tracking what and when becomes possible.
I'm also unhappy with that. Is there no way to ensure
that addresses and geolocated regions are sufficiently
aggregated so as to not identify individuals?
/16's and countries are not sufficient for all IETFers.
I'm sure someone who reads this list would have a fair
chance at (re-)identifying various individuals based
on time, /16 or /48, and URL.
It is technically possible to identify a person or a small set of
persons even if the IPv4 addresses are aggregated by /14. I suggest
stepping back a little. The technical solution is being used to
drive the policy statement. Would it be better to do the reverse to
figure out what is feasible [1]? That would entail flushing out the
policy statement to get a sense of what information IESG members
[2][3] would find useful. The data processor could then use a
"custom dimension" to decrease the probability of identification of
that small set of persons.
Regards,
S. Moonesamy
1. Please see the P.S. in your email
2. One of the issues is that web analytics usually use the IP
addresses to aggregate by country. Does an IESG member need to know
whether Country X has expressed an interest in, for example, the IESG
history of appeals?
3. Does an IETF LLC Director need to know who is reading the monthly
financial statements?
