They look good.
In addition, I feel that it is a good practice to put privacy policy
link as a footer item in every page as well.
In our case, right next to "Contact Us" in the footer.
=nat
(2010/01/28 10:00), John Ehrig wrote:
Darin at Refresh mocked up a couple of options for the higher
visibility location for the privacy policy (attached). Thoughts?
------------------------------------------------------------------------
*From:* [email protected]
[mailto:[email protected]] *On Behalf Of *John Ehrig
*Sent:* Wednesday, January 27, 2010 4:51 PM
*To:* [email protected]
*Subject:* Re: [OpenID board] OIDF Privacy Policy
Actually, we already do have an approved and actively in use OIDF
privacy policy (see the attached). A couple of issues:
1) It is buried in the membership portal and only viewable when you
first sign up as a new member (which is why it took me so long to
track it down)
2) It seems to be written specifically as a member privacy policy
(which may not really be an issue if we are ok with it as is for that
purpose)
I can immediately fix issue #1 by posting it in an easy to find/view
page.
Longer term, we can use this existing policy as a stating point if we
want to improve or broaden it within the legal or privacy committee.
------------------------------------------------------------------------
*From:* [email protected]
[mailto:[email protected]] *On Behalf Of *John Bradley
*Sent:* Wednesday, January 27, 2010 10:00 AM
*To:* [email protected]
*Subject:* Re: [OpenID board] OIDF Privacy Policy
I think that it would be fine to post redacted versions.
I suspect that a page with the companies and individuals who have
signed up for WG is probably more useful than the scanned agreements
themselves.
I made a IPR declaration three years ago when the OIDF was formed and
the PAPE WG started. I don't recall anyone telling me it was going to
be scanned and posted.
I like most people haven't thought about it in a while because there
haven't been new WG.
If we are going to publish information that people give us we need to
make that clear at the time of collection.
We may be violating privacy laws outside the US. I would prefer to
make sure it is not an issue for the membership.
John B.
On 2010-01-27, at 2:47 PM, Mike Jones wrote:
It would be fine to post digital images with the signatures and
address information redacted -- possibly by overlaying them with
"Information on file with OIDF" or something of that sort. (Sort of
how elevators often contain messages about the elevator license being
on file at such-and-such place.)
-- Mike
*From:* [email protected]
<mailto:[email protected]>
[mailto:[email protected]] *On Behalf Of *David
Recordon
*Sent:* Wednesday, January 27, 2010 9:40 AM
*To:* [email protected] <mailto:[email protected]>
*Subject:* Re: [OpenID board] OIDF Privacy Policy
Hey John,
I'm happy to have us reconsider the policy.
The idea is to make it incredibly transparent around who has signed
what (when it comes to IP). So far you're the first person in three
years to say anything about it.
Considering that there can be different versions of documents and some
documents with options, scanning them as PDFs seemed like the easiest
and most accurate method. 99% of the time it's also companies signing
the agreements and using corporate addresses versus personal.
If Global Inventures is able to manage these agreements and keep up to
date online records, I'm less worried about each agreement
being available online.
That said, they should be made available upon request.
--David
On Wed, Jan 27, 2010 at 7:07 AM, John Bradley <[email protected]
<mailto:[email protected]>> wrote:
In the process of setting up the AX 1.1 WG a number of things have
come to light.
One is some confusion around who needs to submit what sort of
agreement, Personal or Company.
Perhaps our new Secretary can have a look at that.
The more important one is that the OIDF has a practice of positing
scanned documents publicly including peoples signature.
A number of us don't think publicly posting our address info with a
scan of our signature is such a good idea.
I think everyone agrees that who has signed contribution agreements
and what WG they apply to should be public.
However there are ways to do that are less subject to identity theft
and other issues.
I would like to recommend that one of our committees (perhaps the
legal one) or a sub committee.
Review and publish the OIDF privacy policy and specifically if
practices like posting members PII publicly are appropriate.
The board can then consider those recommendations.
In the interim I would like GlobalInventures to redact my signature
from any and all of the IPR agreements they publish.
I don't think we can be credible respecting peoples right to privacy
on the internet if we don't do a credible job with our own members.
There may be other privacy issues I am not currently aware of as well.
I think being proactive about privacy can only increase participation
from the community in general.
Regards
John B.
_______________________________________________
board mailing list
[email protected] <mailto:[email protected]>
http://lists.openid.net/mailman/listinfo/openid-board
_______________________________________________
board mailing list
[email protected] <mailto:[email protected]>
http://lists.openid.net/mailman/listinfo/openid-board
_______________________________________________
board mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-board
--
Nat Sakimura ([email protected])
Nomura Research Institute, Ltd.
Tel:+81-3-6274-1412 Fax:+81-3-6274-1547
_______________________________________________
board mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-board
