Re: Privacy Guidance Draft - Your Feedback Needed from David Singer on 2013-07-12 (public-privacy@w3.org from July to September 2013)

From: David Singer <singer@apple.com>
Date: Fri, 12 Jul 2013 09:27:29 +0100
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-id: <F0CD6FB9-E35E-4D68-A3A3-F3B27DC6D26F@apple.com>

On Jul 12, 2013, at 9:17 , Hannes Tschofenig <Hannes.Tschofenig@gmx.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> We could add a few examples to give folks an idea how such a section could look like. 
> 
> For example, I just recently wrote one for an IETF document. 
> 
> See Section 8 of
> https://github.com/hannestschofenig/tschofenig-ids/blob/master/additional-data/draft-ietf-ecrit-additional-data-10.txt
> 
> Or would you rather like to see a "template" of what could go in there? 

Actually, I was thinking of questions to be asked (I think we had a collection started), but a template, and a list of issues that must be addressed would also be good.

"in implementations of your specification, what personal data is exposed to other parties than the person concerned?  what parties are they -- can a list be made, or is it an open exposure (e.g. snoopable)? how secure is it? how much control does the person have? how much visibility do they have into what happens to the data?  how 'private' or 'sensitive' is the data?…"

and so on.

> 
> In my experience people (including myself) like to copy existing work to have something to start with and then adjust the text appropriately. 
> 
> Ciao
> Hannes
> 
> On Jul 12, 2013, at 11:05 AM, David Singer wrote:
> 
>> I think this draft is a great start.  I wonder if we should have a section for those writing a new specification, on material to include in a privacy considerations section, and what questions to ask of the protocol designers?
>> 
>> 
>> David Singer
>> Multimedia and Software Standards, Apple Inc.
>> 
>> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> 
> iQEcBAEBCgAGBQJR37uEAAoJEGhJURNOOiAtlzcH/3MHFvcnakcOaoNet6vbGHpt
> aU5L3M1J0ZtrmCKglsf8/Ge+VpvDdvdPg2WMMCOG4Bewis58veDGX4MnIHFi/Feo
> zKPVt/+DQ7wr/t02sFzrOyZXrqMj3vYwn9mBeaUJTP0GTox1EiT6dotfYLLZ6NHt
> IEdFSctHBomYkAYITf5n9T856oYdRrnou86iHPQnSOR0qeSkl3T1TKfh3ma4WQ5c
> mc9sE/mqnMhq6I05j7YEh2E6Gt30H8C+L+QABzJEyz+GK9LUw9hLlpBBZ0Z05rT5
> js5qWuZrC5T+lPmvysbVqMjZX8lJ2INJYGZM/p9HjrBLoXJ8pV8a5MWNeRtw9x8=
> =wwr4
> -----END PGP SIGNATURE-----

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Friday, 12 July 2013 08:28:04 UTC