On Apr 26, 2018, at 10:27 AM, Dave O'Reilly <[email protected]> wrote:
> Let me clarify: I’m not saying that there are no problems with judicial 
> systems around the world but I was commenting, in response to your point, 
> that IP address will usually form part of the evidence and will not generally 
> be relied upon as identifying the suspect without supporting evidence from 
> other sources. 

I think what Tom is getting at, and also what I was getting at in my earlier 
comment, is that we simply can't make the assertion that "IP address will 
usually form part of the evidence and will not generally be relied upon as ... 
etc".

One thing to bear in mind is that often the purpose of data collection under a 
repressive regime is to provide a pretext for prosecution, not to provide 
evidence in an adversarial trial.   The point is to be able to say that you did 
something to single out the intended victim of the prosecution, not that what 
you say you did actually accurately singled out that victim.

You've asked privately what my objection to the document is, and I haven't had 
time to re-review it yet (sorry—yesterday was jam-packed).   But what got me 
interested in the first place is that I think that it's really important to be 
serious about evaluating these issues and not simply think about this in terms 
of a particular isolated case, like Denmark's judicial system or the system in 
the U.S.

In practice, regimes where data collected will be used as a pretext probably 
have more total residents than countries where citizens' rights are taken 
seriously, either as a matter of custom or as a matter of law.   And in the 
U.S. it's pretty clear that rule of law doesn't apply anymore to anyone who is 
not a citizen, nor does it appear in practice to apply fully to citizens who 
are not white.   And we've seen with the recent U.K. Windrush scandal that this 
is also true in the U.K., and while it's great that it's creating a furor in 
the press, it's not clear that the situation is going to get substantially 
better as a result.

The problem with the IETF taking a position on these matters is that it grants 
the IETF's legitimacy not only to legitimate investigative bodies and judicial 
bodies, but also to illegitimate such bodies.  And so the bar for adoption of 
work in this area is not "this would improve public safety in situations where 
it's used properly," but rather "how could this be misused, and what 
responsibility could the IETF wind up bearing for that misuse."

_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area

Reply via email to