Hm, I confess that I searched the text of the draft for the word “privacy” and jumped to conclusions upon seeing no matches. Probably a good idea to work it in for impatient folk like me.
I would expand that section to point out that since the IMEI survives device wipes and changes of possession, it shouldn’t be assumed to identify a person. And I really wouldn’t ever expose an IMEI at the application level, but maybe it’s appropriate at the level this draft is addressing. We had endless nightmares, not only because of the wipe-survival, but because app code would try to run on a device that didn't have an IMEI and crash, and so on. -T On Fri, Jul 19, 2013 at 3:53 PM, Andrew Allen <aal...@blackberry.com> wrote: > > Tim > > Do you not think that the text in the security considerations section:: > > "because IMEIs can be loosely correlated to a user, they need to be > treated as any other personally identifiable information. In particular, > the IMEI URN MUST NOT be included in messages intended to convey any level > of anonymity" > > covers the privacy issue? > > If not what is the additional privacy concern? > > Andrew > > *From*: Tim Bray [mailto:tb...@textuality.com] > *Sent*: Friday, July 19, 2013 12:07 PM Central Standard Time > *To*: S Moonesamy <sm+i...@elandsys.com> > *Cc*: IETF-Discussion Discussion <ietf@ietf.org> > *Subject*: Re: Last call: draft-montemurro-gsma-imei-urn-16.txt > > On Fri, Jul 19, 2013 at 9:52 AM, S Moonesamy <sm+i...@elandsys.com>wrote: > >> >> It would be easier to have the draft discuss the GSMA URN only. The >> alternative is to have the draft discuss the privacy considerations of >> using IMEI and IMEISV. >> > > Good catch. Assuming this is a good idea (I’m dubious) it would be > completely unacceptable to register it without a discussion of privacy > implications. -T > > >> >> Regards, >> S. Moonesamy >> > > --------------------------------------------------------------------- > This transmission (including any attachments) may contain confidential > information, privileged material (including material protected by the > solicitor-client or other applicable privileges), or constitute non-public > information. Any use of this information by anyone other than the intended > recipient is prohibited. If you have received this transmission in error, > please immediately reply to the sender and delete this information from > your system. Use, dissemination, distribution, or reproduction of this > transmission by unintended recipients is not authorized and may be > unlawful. >
