new security/privacy review questions

Hi all,

Myself and Joe Hall been working on a rewrite of the TAG security
questionaire[1], which incorporates privacy concerns as well as security
concerns. (For example, we include some of the questions raised by Nick in
his privacy questionnaire.[2])

We also split the questionnaire into a security section and a privacy
section (with the implication all new standards should enumerate their
privacy impacts as well as their security impacts.)

The goal is that for each question, there will eventually be an explanation
and a concrete, real world example.


I've attached a .odt outlining our proposed questions, as well as a PDF in
case you don't have an ODT capable editor installed. (I recommend

*Greg Norcie ( <>)*

*Staff Technologist*
*Center for Democracy & Technology*
1634 Eye St NW Suite 1100
Washington DC 20006
(p) 202-637-9800



Received on Wednesday, 24 June 2015 13:35:15 UTC