Thank Gerv. See below. On Fri, Sep 4, 2015 at 1:49 AM, Gervase Markham <[email protected]> wrote:
> Hi Marshall, > > This is great - thanks for putting it together. > > On 02/09/15 22:53, [email protected] wrote: > > 2) Minimal Impact Mozilla Principle #2 states that the Internet is a > > global public resource. Government surveillance decisions should take > > into account global implications for trust and security online by > > focusing activities on those with minimal impact. > > What does "those" refer to in this last sentence? > This should be reworded. "focusing on those [activities] with minimal impact." > > > Efforts should be made to collect only the information that is > > needed. Whenever possible, only data on specific, identifiable users > > should be collected, rather than collecting data from a large group > > of users with the expectation that it can be triaged later. > > Activities should be designed to minimize their impact on the > > Internet infrastructure and on user trust. Compromise of or > > unauthorized access to third party infrastructure or systems should > > be avoided if at all possible and is wholly unacceptable if other > > avenues for obtaining third party cooperation are available. > > I would add: and this applies even if access through those legal avenues > is denied. (I.e. you can't go and hack Google's computers because a > judge turns down your warrant.) > Good point. I think this is implicit but could be more clear. > > > oversight should be evidence-based and start with an analysis of the > > national security benefits and potential harms of programs in > > question. > > This is a good point, but is it related to the oversight, or to the > policies? That is to say, I think oversight is about "making sure they > do what the law says", but an analysis of benefits and harms is about > "making sure the law says the right thing". > Good oversight is actually about both and for most of the key oversight bodies, their writ isn't just about making intelligence agencies do what the law says but actually also about making sure they do the appropriate policy balancing within the bounds of the law. This is more true of legislative bodies and slightly less true of Judicial oversight bodies. One key problem with many of these bodies today is that they focus on litigious analysis to the exclusion of sound policy analysis, a problem that is magnified by the fact that the activities take place is secret and are thus not subject to sound *public *policy analysis. > > Gerv > _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
