Indeed the context matters especially as the consent is only given in a context. Also actors are very important since even "identification" has to do with the observer and the domain. (Otherwise, we would not have a notion such as "partially anonymous, partially unlink-able". ) Also, issues around generated/inferred attributes are important. Acquired attributes + auxiliary knowledge may generate additional attributes. This is often captured as "use" or "acquisition" and implicit but is worth making note.
Nat 2013/12/19 Joseph Lorenzo Hall <[email protected]> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > > On 12/18/13 8:17 AM, S Moonesamy wrote: > >> > >> I suppose, to avoid confusion, it probably is better to use the > >> definition portion of it instead of the defined word in the > >> usual conversation. > > > > There has been some discussion on other IETF mailing lists about > > the definition of the word "privacy". Warren and Brandeis are > > often cited in a U.S context. The "right of personal immunity" is > > broader than privacy. > > > > Within an IETF context it might be a problem if the "right to be > > let alone" is used. In my opinion a right is guaranteed by law and > > that doesn't fit in with what the IETF does. > > Many of us from academia (in my case, having recently jumped ship for > civil society) that study privacy are more persuaded by Helen > Nissenbaum's notion of privacy as "contextual integrity". Here's the > skiny in shorter-than-book-length form: > > "I give an account of privacy in terms of expected flows of personal > information, modeled with the construct of context-relative > informational norms. The key parameters of informational norms are > actors (subject, sender, recipient), attributes (types of > information), and transmission principles (constraints under which > information flows). Generally, when the flow of information adheres to > entrenched norms, all is well; violations of these norms, however, > often result in protest and complaint. In a health care context, for > example, patients expect their physicians to keep personal medical > information con½dential, yet they accept that it might be shared with > specialists as needed. Patients’ expectations would be breached and > they would likely be shocked and dismayed if they learned that their > physicians had sold the information to a marketing company. In this > event, we would say that informational norms for the health care > context had been violated." [1] > > Much of the scholarship these days in privacy thinking is increasingly > based on this kind of contextual definition of privacy (and in the > U.S., at least, the Obama administration embraced this in a recasting > of fair information principles in their Consumer Privacy Bill of Rights). > > At CDT, we argue that "abuse" or "harm" is an anemic framing, and that > there are important privacy interests implicated after information has > been fixed and collected but before any use has been made. See > Brookman and Hans [2], if you're interested in reading more. > > [1]: http://www.amacad.org/publications/daedalus/11_fall_nissenbaum.pdf > [2]: > > http://www.futureofprivacy.org/wp-content/uploads/Brookman-Why-Collection-Matters.pdf > > - -- > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > [email protected] > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.13 (Darwin) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJSsbiPAAoJEF+GaYdAqahxrI4QAIuv0oLj2ypQ5lTQ99FlFz+w > /V5/LCOIkV0ELJneEKJYvttZFI86bl2d2ZnZ6OH58PjFRing3/cuUAlF2aqnlRey > wQnkRqijU9ULhH0sGfTXHhjlR4nHvBi6OWV8GramG9GYOZHQZObCFEyeK7UIUmuT > w4whhXmCe9r78b03BoFab8QWi0bZNt6HWD7ln5MQcHk3ERX/1qg0PzqjAaLiSIDV > TyoVp5cUUf9SdyA6xijQ1GRswgGUHFj62GkJ5bGX6bJhUAYbgGmdHkuYqhsumI+6 > lE7+3OT5vqOl9i4iqXLXlXnilqGo6lxTf9i3uSrDtfPSNKbIQIJcQokY+rsPjQqR > zS6rZ779RG0vrff/rVombLYvQE+NuQricUt2QqiFdQmVG7gZyyjupt/on7uJjjxU > QSYDXYVk8hnKZJqxnlNWTOyDiRrIl25lFx47vVitD2X4oactxrIdF2bpIzvdqFoE > g41cooUAIWWn5J6ZpwtuhlQj3ML8kwZqk1+Iv8vJkp6z5vRtwiScrMNSN+82TGA9 > KbB87KHzCVeUoDDpHGwUyLnefSj9LXhAGuEtEacJ9KMygCjGTjeKnRulCjOXBJ5Z > fEDC0KJd63PJml+kGCcabozP5NB25tMHScMY+1PoGny908IA+PmuSY2XChLLf5Fg > f4pqNw75JypzxD7jX7Z7 > =6UgP > -----END PGP SIGNATURE----- > > _______________________________________________ > ietf-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf-privacy > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
