On 1/14/14 12:45 PM, Fred Baker (fred) wrote: > So the question in the shepherd's report should not be "tell me you > thought about the EU Data Retention Initiative and whether your > protocol's data identifies an individual". It should be "what > personal, equipment, or session identifiers, encrypted or otherwise, > are carried in your protocol? How might they be correlated with > offline data or otherwise used to infer the identity or behavior of > an individual?"
I agree - I think this is a useful framing, beyond the question of actual traffic inspection. It's pretty clear that there's been a lot of data mining, as well, and we haven't thought very carefully about what we may be leaking inadvertently. This is particularly a concern as efforts like geonet start to ramp up. Melinda _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
