- From: Shane M Wiley <wileys@yahoo-inc.com>
- Date: Wed, 5 Nov 2014 16:49:42 +0000 (UTC)
- To: David Singer <singer@apple.com>, Justin Brookman <jbrookman@cdt.org>
- Cc: Walter van Holst <walter.van.holst@xs4all.nl>, Tracking Protection Working Group <public-tracking@w3.org>
- Message-ID: <352387806.646849.1415206182230.JavaMail.yahoo@jws10095.mail.ne1.yahoo.com>
I strongly agree with you, David. All systems are already auditable at any time - even data destruction elements, data containment, etc. If it exists technically, it is auditable. Let's please move on to more meaningful conversation for the working group.
Shane Wiley
VP, Privacy & Data Governance
Yahoo
From: David Singer <singer@apple.com>
To: Justin Brookman <jbrookman@cdt.org>
Cc: Walter van Holst <walter.van.holst@xs4all.nl>; Tracking Protection Working Group <public-tracking@w3.org>
Sent: Wednesday, November 5, 2014 9:15 AM
Subject: Re: ISSUE-235 (Auditability requirement for security)
On Oct 29, 2014, at 19:01 , Justin Brookman <jbrookman@cdt.org> wrote:
> For those who don’t feel like visiting the wiki, Walter has proposed to retain the auditability requirement, and to clarify with the following language:
>
> In this context auditable is typically understood that there are sufficient records available of access and use of data retained that a third-party auditor would have a reasonable level of confidence that the data retained is exclusively used for the permitted uses or that breaches of this can be detected ex-post. A good yardstick of the level of confidence would be a similar level of confidence required for the organisation's financial records.
>
> </walter>
>
> I don’t have any great insight into the manner in which companies typically document their access and use of tracking databases, but I’d welcome opinions on whether this would represent a marginal burden to companies.
There is something a little odd about adding a retention requirement to a specification which, on the face of it, is trying to minimize the amount of data retained.
Auditability could as easily be process-based rather than data-based, couldn't it? An auditor could check what processes and procedures are defined, and that they are followed in practice.
>
> On Oct 29, 2014, at 7:59 AM, Walter van Holst <walter.van.holst@xs4all.nl> wrote:
>
>> On 2014-10-22 17:40, Justin Brookman wrote:
>>
>>> I do not have a general notion of what an auditor would consider to be
>>> auditable, so why don’t you propose specific text (doesn’t have to be
>>> in the next 20 minutes!) for the group to consider.
>>
>> I have put a proposal underneath Vincent's in the wiki:
>>
>> https://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Remove_auditable_security_requirement
>>
>> Sadly, I'm very unlikely to be able to attend today's call. Feedback by mail, either on- or off-list, would be much appreciated.
>>
>> Regards,
>>
>> Walter
David Singer
Manager, Software Standards, Apple Inc.
Received on Wednesday, 5 November 2014 16:51:36 UTC