Nicely said, Frederick.
Note that I am not saying that nothing should be said about privacy at
the level of an individual specification but the appropriate granularity
will very much depend on the type of work.
For example, in the context of the current privacy reviews in this group
there are lots of JavaScript APIs that are presented to us and one can
see some common patterns. To me it appears that certain privacy
decisions have been cast in stone already with the decision to follow a
code distribution model, like JavaScript provides, and hence you have to
deal with those constraints.
On 05/30/2014 04:47 PM, Frederick Hirsch wrote:
> I think what this paragraph from Hannes is also saying, and maybe we
> should clarify, is that privacy requires a system view, end-end, and
> this is what applications and implementers are able to analyze, while
> individual specifications are often components. The security and privacy
> considerations for components can highlight minimization and potential
> vulnerabilities and countermeasures, but overall issues like data
> retention and reuse (to give two obvious examples) usually cannot be
> addressed in a specification in isolation.