I agree, at the moment ‘privacy’ is defined roughly as the things you miss when you realize you have lost it, which is not a usable definition; but I also agree, we’re in the process of learning.
One of the big realizations I had as a result of the W3C workshop was that we tend to equate privacy with a lack of knowledge i.e. if we could all be anonymous online, we’d be private, which while true, leaves a whole load of questions unanswered. In the physical world, there are a whole bunch of aspects to privacy that we intuitively understand (though they may vary by culture); it’s not hard to imagine situations where people would respond ‘you just don’t do that!’. Much real-world privacy respects context, for example (if you meet your therapist at a party, you know it’s him and he knows it’s you and you both know there are certain subjects you won’t talk about). There are also aspects of degree (people don’t mind being an accidental inclusion in someone else’s photo snapshots, but they do mind if they are featured or a video continues to include them). So, just as security has sub-areas, I would argue that privacy does: anonymization, data minimization, respect for context, degree/quantity, and so on. Finally, I have long pleaded that those concerned with privacy but technology-unaware — philosophers, legislators, et al. — give us more insight into this question (“what is online privacy”) and say less about technologies, as I am confident that if we understood the field and the principles better, engineers would work out what that meant in engineering and technology terms. > On May 2, 2016, at 14:29 , Christian Huitema <[email protected]> wrote: > > On Sunday, May 1, 2016 4:12 PM, Dave Crocker wrote: >> >> If the term is to be a non-technical and vague reference, then let's stop > using it >> as if it were a technical term. Philosophical, academic and social terms > are >> fine; the problem is when we use them as if they pertained to technical >> specifics. > > Well, we do use the term "security" liberally, don't we? It is certainly > just as vague, but it is useful as a section header. It encourages protocol > designers to be concerned with the broad issue of security attacks. I think > that we have consensus that protocol designers should also be concerned with > the broad issue of privacy attacks. > >> If we intend the term to have technical utility, it's needs precise and > useful >> definition. > > It took some time to establish categories for security attacks -- denial of > service, information disclosure, spoofing, elevation of privilege, etc. The > analysis of privacy attacks is not quite as advanced, but we start getting > broad categories, such as disclosure of the exchanged data, disclosure of > metadata, linkability of different activities, and disclosure of traffic > patterns. As we gain more experience, I expect that these categories will > stabilize. > > -- Christian Huitema > > > > > > _______________________________________________ > ietf-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf-privacy Dave Singer [email protected] David Singer Manager, Software Standards, Apple Inc. _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
