Guys, have a look at the lovely privacy consideration document the IAB
published not too long ago. It explains you how we see privacy (which is
different to what other people consider under privacy). It turns out
that is exactly the approach we have taken with security many years ago.
Just compare it with security and you will for sure understand that the
decision making process about how to design a system isn't entirely
without judgement about what threats you care about and what security
solutions you are willing to put in place. Most of the decisions are
about tradeoffs.
The same is true for privacy.
I don't like this "we cannot define it precisely and so we shouldn't do
anything about it" attitude.
Just pushing responsibilities to other communities does not help make
progress. For this reason I have written https://goo.gl/a35BY2, which
explains in what areas challenges exist.
Ciao
Hannes
Am 31.10.13 16:05, schrieb Tony Rutkowski:
Hi Rich,
You've hit several nails on the head here as to
why the premises for the list are so flawed.
Privacy (as opposed to PPII) is a legal,
societal, and religious matter, yet it is never
defined, and assumed by the proponents of
the list as accepted as an absolute tenet. So
what if one is not of that religious persuasion?
What if you don't want to pay the broad array
of significant real costs and elevated threats
to finance those religious beliefs? for example,
there are no use cases of where any form of
pervasive monitoring has brought down a plane.
Similarly neither "pervasive" nor "monitoring"
nor the concatenation of the two are defined
or even explained.
All of this is highly context dependent - as you
and others have repeatedly pointed out, and even
Stephen admits - raising the specter of bad actors.
Gee, not much new there. However, the group
seemed to have been spun up over good actors
doing serious jobs, not bad ones. That's ironic.
In fact, the proffered use cases seem directed
at impeding good actors and potentially seriously
damaging good actor requirements.
This is one of the worst examples of IETF upper
layer excesses witnessed over many decades.
While it can be written off as a canard to keep
some religious persuasions happy, it does real
harm to the IETF's stature. This stuff belongs on
K-street and other lobbying venues, not in a
serious technical body that needs to accommodate
a broad spectrum of perspectives and needs.
--tony
On 10/30/2013 11:36 AM, Richard Shockey wrote:
[RS> ] Who's privacy? The calling party or the called party. This is my
point. Enabling privacy for one may violate the privacy of the other.
Now we
are really blasting past Layer 8-10 Economic Political and Religious into
Layer 11 Philosophy. I'm totally incompetent to make judgments on that
Layer.
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
