Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
Moving to ietf@ietf.org, since I think this is not in any way specific to Berlin. On 8/2/13 12:24, Olle E. Johansson wrote: In rtcweb we have remote participants that prefer anonymity for a number of reasons. I'm going to make a broad assumption that the "number of reasons" all relate to privacy. If that is incorrect, please weigh in. The question is how this is handled in regards to note well, when they want jabber scribes to relay opinions or proposals to the meeting. Just a note for the future. I think we should allow anonymous listeners, but should they really be allowed to participate? We had a previous conversation around pseudonyms, which I think concluded that pseudonyms are pretty much okay (and impossible to reliably detect anyway). Given this fact, someone can protect their identity through use of a consistent pseudonym. This has the property of developing a persona behind that pseudonym that the working group members can reasonably interact with. By contrast, attempting to participate in a truly anonymous fashion rather than participating with a pseudonym seems to have very little justification, with significant potential drawback for the working group. The privacy implications are pretty much identical, but it provides the illusion that one can act in a way that has no impact on a persona's reputation. IMHO, this is ripe for bad behavior, bad faith participation, and other abuses. Given the availability of pseudonymous participation, I don't think we need to tolerate anonymous participation. /a
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
I'm completely against participating anonymously because of IPR issues. I'm mostly against pseudonymous participation for the same reason. I need to be able to know who I'm dealing with, in order to know if there are IPR issues that should be brought up.
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
On 03/08/2013 00:13, Scott Brim wrote: > I'm completely against participating anonymously because of IPR issues. > I'm mostly against pseudonymous participation for the same reason. I > need to be able to know who I'm dealing with, in order to know if there > are IPR issues that should be brought up. More generally, there are other kinds of conflict of interest, not just intentional or accidental concealment of IPR, that can be hidden by anonymity or pseudonymity. It seems to me to be directly against the principles of open standards openly developed. Brian
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
+1. On August 2, 2013 1:13:05 PM Scott Brim wrote: I'm completely against participating anonymously because of IPR issues. I'm mostly against pseudonymous participation for the same reason. I need to be able to know who I'm dealing with, in order to know if there are IPR issues that should be brought up.
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
Hi Adam, I don't agree with you. I am a remote participant (2 years and never attended meetings) in the IETF organisation, do you think that IETF is fare in treating remote participants? I think the current IETF direction is in favor of attended-meeting participants, so IMHO one reason of some hidding their name is because the IETF still is not yet able to control wrong behaviour of participants who think they are well known. Thoes wrong behavior abuse peoples rights in IETF. If some are well known, the reason is because they got better opportunity in going to meetings, or that majority of participants are from two regions (North America+Europe). For me the IETF reputation is about 40% (evaluated by asking close friends that did not participate and including the way I was treated within 2 years), still needs more work to build its reputation (e.g. I think some old participants need guidance to IETF visions). For me participants' good reputation depend on their reactions: if I get a nice reply from them, or if they don't only respond to known people, or if they acknowledge efforts, or if they encourage other into IETF visions, or if they provide good ideas/inputs, or if they manage work/WG/IETF well, etc. In IETF volunteers' reputations SHOULD always be high and respected, but seems like the IETF give chance for abuse so its reputation makes some people prefer to be anonymous so they try to save their self reputation. We in IETF SHOULD not focus on people's reputation, we SHOULD focus on ideas, reasons, work-quality, documents/RFCs reputations and process-procedures reputations. We are here to document IETF reputation but not to document a person reputation or even his/her name. A person's name for me is only important when I want to refer to his/her review, draft, idea, etc. Don't forget that in procedure; any input into IETF is own also by IETF no matter what was the name given, so bad behaviour makes IETF reputation bad and then some people leave, or make anonymous names, or don't participate just listen. IMO, the majority of subscribers (in WGs) are listeners with zero participation. AB On 8/2/13, Adam Roach wrote: > Moving to ietf@ietf.org, since I think this is not in any way specific > to Berlin. > > > On 8/2/13 12:24, Olle E. Johansson wrote: >> In rtcweb we have remote participants that prefer anonymity for a number >> of reasons. > > I'm going to make a broad assumption that the "number of reasons" all > relate to privacy. If that is incorrect, please weigh in. > >> The question is how this is handled in regards to note well, when they >> want jabber scribes to relay opinions or proposals to the meeting. >> >> Just a note for the future. I think we should allow anonymous listeners, >> but should they really be allowed to participate? >> > > We had a previous conversation around pseudonyms, which I think > concluded that pseudonyms are pretty much okay (and impossible to > reliably detect anyway). > > Given this fact, someone can protect their identity through use of a > consistent pseudonym. This has the property of developing a persona > behind that pseudonym that the working group members can reasonably > interact with. > > By contrast, attempting to participate in a truly anonymous fashion > rather than participating with a pseudonym seems to have very little > justification, with significant potential drawback for the working > group. The privacy implications are pretty much identical, but it > provides the illusion that one can act in a way that has no impact on a > persona's reputation. IMHO, this is ripe for bad behavior, bad faith > participation, and other abuses. > > Given the availability of pseudonymous participation, I don't think we > need to tolerate anonymous participation. > > /a > >
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
2 aug 2013 kl. 14:13 skrev Scott Brim : > I'm completely against participating anonymously because of IPR issues. > I'm mostly against pseudonymous participation for the same reason. I > need to be able to know who I'm dealing with, in order to know if there > are IPR issues that should be brought up. THat's exactly the problem. Unfortunately the world requires the IETF to manage IPR. There's a reason why we need to be strict with the note well. Anonymous remote *PARTICIPATION* breaks the requirements of the note well acceptance in my view. /O
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
AB, saving your entire message for context ... You're fixing the wrong problem. The problem is not finding a way to cloak so some unspecified person doesn't experience abuse. It's important that we all know who we are dealing with. The problem, rather, is what is leading you to think anonymity might be useful, i.e. the alleged abuse itself. Scott On 08/03/13 02:41, Abdussalam Baryun allegedly wrote: > Hi Adam, > > I don't agree with you. I am a remote participant (2 years and never > attended meetings) in the IETF organisation, do you think that IETF is > fare in treating remote participants? I think the current IETF > direction is in favor of attended-meeting participants, so IMHO one > reason of some hidding their name is because the IETF still is not yet > able to control wrong behaviour of participants who think they are > well known. Thoes wrong behavior abuse peoples rights in IETF. If some > are well known, the reason is because they got better opportunity in > going to meetings, or that majority of participants are from two > regions (North America+Europe). > > For me the IETF reputation is about 40% (evaluated by asking close > friends that did not participate and including the way I was treated > within 2 years), still needs more work to build its reputation (e.g. I > think some old participants need guidance to IETF visions). For me > participants' good reputation depend on their reactions: if I get a > nice reply from them, or if they don't only respond to known people, > or if they acknowledge efforts, or if they encourage other into IETF > visions, or if they provide good ideas/inputs, or if they manage > work/WG/IETF well, etc. > > In IETF volunteers' reputations SHOULD always be high and respected, > but seems like the IETF give chance for abuse so its reputation makes > some people prefer to be anonymous so they try to save their self > reputation. We in IETF SHOULD not focus on people's reputation, we > SHOULD focus on ideas, reasons, work-quality, documents/RFCs > reputations and process-procedures reputations. We are here to > document IETF reputation but not to document a person reputation or > even his/her name. A person's name for me is only important when I > want to refer to his/her review, draft, idea, etc. Don't forget that > in procedure; any input into IETF is own also by IETF no matter what > was the name given, so bad behaviour makes IETF reputation bad and > then some people leave, or make anonymous names, or don't participate > just listen. IMO, the majority of subscribers (in WGs) are listeners > with zero participation. > > AB > > On 8/2/13, Adam Roach wrote: >> Moving to ietf@ietf.org, since I think this is not in any way specific >> to Berlin. >> >> >> On 8/2/13 12:24, Olle E. Johansson wrote: >>> In rtcweb we have remote participants that prefer anonymity for a number >>> of reasons. >> >> I'm going to make a broad assumption that the "number of reasons" all >> relate to privacy. If that is incorrect, please weigh in. >> >>> The question is how this is handled in regards to note well, when they >>> want jabber scribes to relay opinions or proposals to the meeting. >>> >>> Just a note for the future. I think we should allow anonymous listeners, >>> but should they really be allowed to participate? >>> >> >> We had a previous conversation around pseudonyms, which I think >> concluded that pseudonyms are pretty much okay (and impossible to >> reliably detect anyway). >> >> Given this fact, someone can protect their identity through use of a >> consistent pseudonym. This has the property of developing a persona >> behind that pseudonym that the working group members can reasonably >> interact with. >> >> By contrast, attempting to participate in a truly anonymous fashion >> rather than participating with a pseudonym seems to have very little >> justification, with significant potential drawback for the working >> group. The privacy implications are pretty much identical, but it >> provides the illusion that one can act in a way that has no impact on a >> persona's reputation. IMHO, this is ripe for bad behavior, bad faith >> participation, and other abuses. >> >> Given the availability of pseudonymous participation, I don't think we >> need to tolerate anonymous participation. >> >> /a >> >>
RE: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
AB, You write "Some people prefer to be anonymous so they try to save their self reputation" Are you pursuing this line of argument because, after - campaigning for but failing to achieve the abolition of April 1 RFCs - campaigning for but failing to achieve an acknowledgement in a MANET draft you didn't write. - campaigning for changes to the posting summary that now regularly lists you as Number One poster on this list You believe that your reputation is harmed, would require saving for meaningful interaction, and that you need pseudonymity? Lloyd Wood http://sat-net.com/L.Wood/ From: ietf-boun...@ietf.org [ietf-boun...@ietf.org] On Behalf Of Abdussalam Baryun [abdussalambar...@gmail.com] Sent: 03 August 2013 07:41 To: Adam Roach Cc: Olle E. Johansson; ietf@ietf.org Subject: Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation) Hi Adam, I don't agree with you. I am a remote participant (2 years and never attended meetings) in the IETF organisation, do you think that IETF is fare in treating remote participants? I think the current IETF direction is in favor of attended-meeting participants, so IMHO one reason of some hidding their name is because the IETF still is not yet able to control wrong behaviour of participants who think they are well known. Thoes wrong behavior abuse peoples rights in IETF. If some are well known, the reason is because they got better opportunity in going to meetings, or that majority of participants are from two regions (North America+Europe). For me the IETF reputation is about 40% (evaluated by asking close friends that did not participate and including the way I was treated within 2 years), still needs more work to build its reputation (e.g. I think some old participants need guidance to IETF visions). For me participants' good reputation depend on their reactions: if I get a nice reply from them, or if they don't only respond to known people, or if they acknowledge efforts, or if they encourage other into IETF visions, or if they provide good ideas/inputs, or if they manage work/WG/IETF well, etc. In IETF volunteers' reputations SHOULD always be high and respected, but seems like the IETF give chance for abuse so its reputation makes some people prefer to be anonymous so they try to save their self reputation. We in IETF SHOULD not focus on people's reputation, we SHOULD focus on ideas, reasons, work-quality, documents/RFCs reputations and process-procedures reputations. We are here to document IETF reputation but not to document a person reputation or even his/her name. A person's name for me is only important when I want to refer to his/her review, draft, idea, etc. Don't forget that in procedure; any input into IETF is own also by IETF no matter what was the name given, so bad behaviour makes IETF reputation bad and then some people leave, or make anonymous names, or don't participate just listen. IMO, the majority of subscribers (in WGs) are listeners with zero participation. AB On 8/2/13, Adam Roach wrote: > Moving to ietf@ietf.org, since I think this is not in any way specific > to Berlin. > > > On 8/2/13 12:24, Olle E. Johansson wrote: >> In rtcweb we have remote participants that prefer anonymity for a number >> of reasons. > > I'm going to make a broad assumption that the "number of reasons" all > relate to privacy. If that is incorrect, please weigh in. > >> The question is how this is handled in regards to note well, when they >> want jabber scribes to relay opinions or proposals to the meeting. >> >> Just a note for the future. I think we should allow anonymous listeners, >> but should they really be allowed to participate? >> > > We had a previous conversation around pseudonyms, which I think > concluded that pseudonyms are pretty much okay (and impossible to > reliably detect anyway). > > Given this fact, someone can protect their identity through use of a > consistent pseudonym. This has the property of developing a persona > behind that pseudonym that the working group members can reasonably > interact with. > > By contrast, attempting to participate in a truly anonymous fashion > rather than participating with a pseudonym seems to have very little > justification, with significant potential drawback for the working > group. The privacy implications are pretty much identical, but it > provides the illusion that one can act in a way that has no impact on a > persona's reputation. IMHO, this is ripe for bad behavior, bad faith > participation, and other abuses. > > Given the availability of pseudonymous participation, I don't think we > need to tolerate anonymous participation. > > /a > >
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
On Aug 3, 2013, at 9:49 AM, Olle E. Johansson wrote: > > 2 aug 2013 kl. 14:13 skrev Scott Brim : > >> I'm completely against participating anonymously because of IPR issues. >> I'm mostly against pseudonymous participation for the same reason. I >> need to be able to know who I'm dealing with, in order to know if there >> are IPR issues that should be brought up. > > THat's exactly the problem. Unfortunately the world requires the IETF to > manage IPR. There's a reason why we need to be strict with the note well. > Anonymous remote *PARTICIPATION* breaks the requirements of the > note well acceptance in my view. Hi Olle The participation in the IETF is already pseudonymous. I have a driver's license, a passport, and a national ID card, all proving that my name is indeed Yoav Nir. But I have never been asked to present any of them at the IETF. I claim to work for Check Point, and my email address tends to suggest it, but a lot of participants use gmail addresses. I had participated in IETF mailing lists for 3 years before ever attending a meeting, and I got RFC 4478 published before attending one. At that point, none of the IETF regulars had ever seen me - I was just a claimed name on the mailing list and on the draft. As I don't have to prove an identity when registering for meetings, if that had been a ruse, I could continue running with it to this day, although by now there are two participants who can link the IETF participant with the name I use at work. BTW: nobody's stopping anybody from creating a new gmail account under the name "Yoav Nir", registering to IETF mailing lists, and posting in my name. Unless I notice it and cry foul, nobody would be the wiser. Yoav
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
On Aug 3, 2013, at 10:23 PM, Yoav Nir wrote: > The participation in the IETF is already pseudonymous. I have a driver's > license, a passport, and a national ID card, all proving that my name is > indeed Yoav Nir. But I have never been asked to present any of them at the > IETF. I claim to work for Check Point, and my email address tends to suggest > it, but a lot of participants use gmail addresses. So, you pay cash when you register? It would probably be difficult to keep your identity secret if there were a discovery process during a patent trial. You would also have to lie on the stand, and risk severe repercussions if your lie were revealed. So yes, this is a problem, but it's not clear to me that it's a serious problem.
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
On Aug 4, 2013, at 9:09 PM, Ted Lemon wrote: > On Aug 3, 2013, at 10:23 PM, Yoav Nir wrote: >> The participation in the IETF is already pseudonymous. I have a driver's >> license, a passport, and a national ID card, all proving that my name is >> indeed Yoav Nir. But I have never been asked to present any of them at the >> IETF. I claim to work for Check Point, and my email address tends to suggest >> it, but a lot of participants use gmail addresses. > > So, you pay cash when you register? No, I use a credit card in the name of my company's "head of purchasing", so not in my name. > It would probably be difficult to keep your identity secret if there were a > discovery process during a patent trial. You would also have to lie on the > stand, and risk severe repercussions if your lie were revealed. I would never lie at trial. But the name I use at trial doesn't go back to the IETF. > So yes, this is a problem, but it's not clear to me that it's a serious > problem. I don't think it's a serious problem anyway, but the IETF does not collect enough data to "track you down" as a condition for participation. So tracking you down becomes the lawyer's problem, not something that the IETF can give away. Yoav
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
On Aug 4, 2013, at 3:06 PM, Yoav Nir wrote: > No, I use a credit card in the name of my company's "head of purchasing", so > not in my name. Why wouldn't that be sufficient to identify you? Is the head of purchasing going to protect your anonymity? > I would never lie at trial. But the name I use at trial doesn't go back to > the IETF. If you came to the IETF and were working for company X, registered pseudonymously, and didn't disclose IPR belonging to you or company X, and then later company X sued someone for using their IPR, you and company X would get raked over the coals, jointly and severally; the deliberate attempt to deceive would make things worse for you. And that's the point: to provide you with a strong disincentive to doing such a thing. So whether the rules prevent you from being anonymous, or prevent you from suing, everybody's happy. (IANAL, so I'm just explaining my understanding of the situation.)
Re: Anonymity versus Pseudonymity (was Re: [87attendees] procedural question with remote participation)
--On Sunday, August 04, 2013 19:31 + Ted Lemon wrote: > If you came to the IETF and were working for company X, > registered pseudonymously, and didn't disclose IPR belonging > to you or company X, and then later company X sued someone for > using their IPR, you and company X would get raked over the > coals, jointly and severally; the deliberate attempt to > deceive would make things worse for you. And that's the > point: to provide you with a strong disincentive to doing such > a thing. So whether the rules prevent you from being > anonymous, or prevent you from suing, everybody's happy. If company X wanted to collaborate with Yoav in preserving his pseudonym (i.e., not disclosing the binding to his name), they could presumably file a disclosure without identifying the particular employee for whom the disclosure was made. Especially with the ambiguities created by anonymous and pseudonymous remote participation, I assume we would not decline to post an IPR disclosure from an organization on the grounds that we didn't know who was affiliated with it who participated in the IETF. > (IANAL, so I'm just explaining my understanding of the > situation.) ditto. best, john
