In general, I think removing personal information from server logs is something to get involved in. How are you thinking of working with them?
.hc David Oliver: > Would we have any interest in standards-related discussion relative to > server log data anonymization? See below for some new work starting up on > this topic in IETF. > > Dave > > David M. Oliver | david@g <[email protected]>uardianproject.info | > http://g <http://olivercoady.com>uardianproject.info | @davidmoliver | +1 > 970 368 2366 > > > ---------- Forwarded message --------- > From: Shivan Kaul Sahib <[email protected]> > Date: Mon, Nov 4, 2019 at 5:57 PM > Subject: [Pearg] Fwd: New Version Notification for draft-rao-pitfol-00.txt > To: <[email protected]> > Cc: <[email protected]>, <[email protected]> > > > Hi all, > > Sandeep Rao from Grab, Ryan Guest from Salesforce and I have been > discussing log data classification shortly after Ryan's presentation on log > data privacy at the IETF 104 PEARG meeting. This draft is a first attempt > at exploring ways in which applications can tag log fields as containing > personal information for further anonymization/processing. > > Sandeep will be presenting this draft at the upcoming IETF Singapore PEARG > meeting. > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Mon, Nov 4, 2019 at 2:44 PM > Subject: New Version Notification for draft-rao-pitfol-00.txt > To: Ryan Guest <[email protected]>, Sandeep Rao < > [email protected]>, Shivan Sahib <[email protected]> > > > > A new version of I-D, draft-rao-pitfol-00.txt > has been successfully submitted by Shivan Sahib and posted to the > IETF repository. > > Name: draft-rao-pitfol > Revision: 00 > Title: Personal Information Tagging for Logs (PITFoL) > Document date: 2019-11-04 > Group: Individual Submission > Pages: 6 > URL: https://www.ietf.org/internet-drafts/draft-rao-pitfol-00.txt > Status: https://datatracker.ietf.org/doc/draft-rao-pitfol/ > Htmlized: https://tools.ietf.org/html/draft-rao-pitfol-00 > Htmlized: https://datatracker.ietf.org/doc/html/draft-rao-pitfol > > > Abstract: > Software applications typically generate a large amount of log data > in the course of their operation in order to help with monitoring, > troubleshooting, etc. However, like all data generated and operated > upon by software systems, logs can contain information sensitive to > users. Personal data identification and anonymization in logs is > thus crucial to ensure that no personal data is being inadvertently > logged and retained which would make the logging application run > afoul of laws around storing private information. This document > focuses on exploring mechanisms to specify personal or sensitive data > in logs, to enable any server collecting, processing or analyzing > logs to identify personal data and thereafter, potentially enforce > any redaction. > > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: [email protected] > -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
