Hi Hannes,
At 08:17 03-09-2012, Hannes Tschofenig wrote:
There are more documents that exist making this statement.
Yes.
In the technical community there is no need to convince anyone that
an IP address can be used to indirectly identify a person (typically
through various database resolution steps).
Agreed.
The idea is also to show two different viewpoints, i.e. the technical
side and the non-technical side.
As such, I don't think there is a need to cite anything here.
Ok.
Interesting. I thought that this is already fairly good.
I would rate it as good as I don't see any other way.
The typical reader of an IETF draft is certainly not an average
person. In fact it is probably a good thing that they do not read them...
:-)
Well. You can hide your IP address to a certain extent. What gets
hidden with the IP address depends whether you use systems like Tor,
VPNs, NATs, IPv4 / IPv6, etc.
See my comment to Robin Wilton.
You may not ask "Do you want to reveal your IP address? YES / NO".
However, what a user may want to do is to get a software it has
confidence in that it preserves a certain degree of anonymity. They
may, for example, download Tor (or a similar software from other groups).
There is a somewhat related message about a question asked to a user
at
http://lists.w3.org/Archives/Public/public-tracking/2012Jul/0152.html
Which question to ask is a question in itself.
Then, these software developers should still be given the option to
provide those users who care about their privacy to set the options
correctly so that they get what they want (potentially with an
impact on the service quality).
That gets us into an "inevitable choice" discussion. One of the general
design questions is about considering performance and cost as well as
functionality. If the difference in service quality is negligible,
I'd say that it is a 50/50 choice. If the difference is noticeable,
I'd pick the 50/50 choice too as nothing comes for free. If service
quality is like degraded mode the software developer does not have to
worry too much about privacy being part of the design. It has been
argued that there is no such thing as a value-neutral
design. Decisions, whether it is about security or anything else,
inject a bias into the equation.
I don't think that we are questioning the Internet architecture as such.
For example, with onion routing you essentially have various forms
of trusted intermediaries. With IPv6 and with MAC address generated
interface identifiers you have a much stronger form of
re-identification in IETF protocols than you had before and so it is
OK to think about the privacy implications.
Ok.
That's true. The idea is that the open standardization process in
the IETF leads to technologies that exercise data minimization
because different stakeholders with different interests participate
in the standardization activity and therefore avoid excessive and
unnecessary sharing of data. This of course assumes that there is
some understanding of what privacy is and what goals we may want to accomplish.
The above looks at this from a different angle. I am not disagreeing
by the way. The wall is the asymmetry of power. We can go around
that wall with a process where the various interests work together on
finding a balance. We could also move that wall around, or rather,
move the boundaries so that the problem can be less complex.
Definitely. The contextual nature makes it very difficult for
certain protocols to make a clear cut. Then, there are other ways to
deal with this situation - as we had been trying to do in Geopriv
with user preference indications.
There has been some nice work coming out of Geopriv.
Many of the privacy laws are built on the basis that someone is able
to make that decision - either it is the end user or someone on his
/ her behalf. Think about children. Typically, you would assume that
their parents make that decision. Then, in many cases we (you and
me) also use tools to outsource some of the decision making and to
delegate it to people we trust. For example, if you download
Ghostery or Adblocker for usage with your browser you decide to rely
on specific companies to decide what to block and what not.
Privacy laws vary, i.e. it depends on the culture of the region. In
some regions it is left to the individual to make the decision. In
some regions society is viewed as having a responsibility in helping
the individual make the decision. In some respect, it could be about
delegation of trust.
That's a good point. We had been discussing this issue while working
on the privacy considerations document and we said that we wouldn't
mandate anything (particularly since the enforcement would only come
through the community and through the IESG - not the IAB).
Particularly at the early phase of our work on the privacy
guidelines we weren't quite sure whether the level of privacy
understanding is actually mature enough.
Agreed.
However, some time has passed and the privacy guidelines document is
stable now. So, it might be interesting to hear what the community thinks.
Yes.
Regards,
S. Moonesamy