Re: [Geopriv] Geo URI and privacy URI

Correct - but PCP was not based on the privacy guidance document . . .

Interesting point on the irony :-)

Thanks

Carl

> PCP is dead. It has been removed from later versions of enablers. My
> impression was that no one was implementing it.
>
>> -----Original Message-----
>> From: geopriv-bounces@ietf.org [mailto:geopriv-bounces@ietf.org] On
>> Behalf Of Richard Barnes
>> Sent: Sunday, 29 March 2009 7:29 PM
>> To: creed@opengeospatial.org
>> Cc: 'GEOPRIV'; John Morris; Henning Schulzrinne
>> Subject: Re: [Geopriv] Geo URI and privacy URI
>>
>> Carl,
>>
>> Thanks for the pointer. I knew of the LIF/OMA Privacy Checking
>> Protocol
>> (PCP, aptly :) ), but last I heard, that was not widely implemented
>> (and
>> possibly deprecated).
>>
>> Also, I note with appropriate irony that the terms of use for the
>> document you referenced contain the following paragraph:
>>
>> "
>> Open Mobile Alliance's Privacy Policy
>>
>> You consent to the collection, processing and storage by Open Mobile
>> Alliance of Your personal information in accordance with the terms of
>> the Open Mobile Alliance's Privacy Policy, which is available at
>> http://www.openmobilealliance.org/privacypolicy. You agree to comply
>> with all applicable laws and regulations, and the terms of Open Mobile
>> Alliance's Privacy Policy, with respect to any access, use and/or
>> submission by You of any personal information in connection with this
>> Web site.
>> "
>>
>> ... this being the standard Web privacy model -- site decides
>> unilaterally -- in contrast to the Geopriv model, in which the site at
>> least makes an informed decision.
>>
>> Cheers,
>> --Richard
>>
>>
>> creed@opengeospatial.org wrote:
>> > All -
>> >
>> > There is a Open Mobile Alliance document titled, "LIF Privacy
>> Guidelines".
>> > This document was developed over a period from 2001 to 2002.
>> Considerable
>> > discussion (both legal and philosophical) and numerous use cases
>> > documented. This document and its contents might be useful in this
>> > discussion.
>> >
>> > Go to
>> http://www.openmobilealliance.org/tech/affiliates/lif/lifindex.html
>> > and clink on "download" for Privacy Guidelines and then agree to the
>> terms
>> > of use.
>> >
>> > Cheers
>> >
>> > Carl
>> >
>> >
>> >> I might be about to get too philosophical here, but...
>> >>
>> >> In some sense the entire Geopriv privacy architecture could be
>> >> considered a "non-starter" for the same reason you suggest below:
>> it's
>> >> meant to encourage location recipients to change their current
>> >> behavior. If it didn't require behavior change, it wouldn't have any
>> >> utility.
>> >>
>> >> Again, I think retention-expires has value even if all that results
>> >> from it is that a recipient thinks twice about its logging policy,
>> or
>> >> clarifies its disclosures about its logging policy, or realizes that
>> >> people care about its logging policy. IMO, defining a strict
>> semantic
>> >> that results in this kind of reaction is preferable to creating a
>> >> loophole in the semantic that could potentially swallow all of its
>> >> value.
>> >>
>> >> On Mar 26, 2009, at 6:12 PM, Henning Schulzrinne wrote:
>> >>
>> >>> I'm sorry, but after 6 years we're no closer to this happening.
>> >>> However, anything that requires running non-standard web setups
>> >>> seems like a non-starter. No wonder that W3C doesn't take GEOPRIV
>> >>> seriously...
>> >>>
>> >>> Henning
>> >>>
>> >>> On Mar 26, 2009, at 6:05 PM, John Morris wrote:
>> >>>
>> >>>> +1 to Alissa (perhaps not a surprise)... but for historical
>> >>>> interest, I have pasted below excerpts from three 2003 e-mails in
>> >>>> which Henning and I discussed this same topic.... John
>> >>>>
>> >>>> At 11:01 AM -0500 11/11/03, Henning Schulzrinne wrote:
>> >>>>> Date: Tue, 11 Nov 2003 11:01:13 -0500
>> >>>>> From: Henning Schulzrinne <hgs@cs.columbia.edu>
>> >>>>> To: "'geopriv@ietf.org'" <geopriv@ietf.org>
>> >>>>> Subject: [Geopriv] Questions on pidf-lo
>> >>>>>
>> >>>>> After another reading and some hallway discussions, a few
>> >>>>> questions on PIDF-LO:
>> >>>>> <snip>
>> >>>>> 3) Retention
>> >>>>>
>> >>>>> Normal operating procedure is that databases are backed up. Am I
>> >>>>> liable if a location object accidentally makes it onto the backup
>> >>>>> tape? (Example: retention is 24 hours; LO arrives at 8 pm; backup
>> >>>>> is run at midnight. I can't tell the backup routine to not backup
>> >>>>> that entry.)
>> >>>>>
>> >>>>> Worded in its current vagueness, I'm afraid that any large entity
>> >>>>> who has any exposure at all would be foolish to accept any object
>> >>>>> that in any way restricts retention and distribution.
>> >>>>>
>> >>>>> Henning
>> >>>> At 12:34 PM -0600 11/11/03, John Morris wrote:
>> >>>>> Date: Tue, 11 Nov 2003 12:34:32 -0600
>> >>>>> To: Henning Schulzrinne <hgs@cs.columbia.edu>
>> >>>>> From: John Morris <jmorris@cdt.org>
>> >>>>> Subject: Re: [Geopriv] Questions on pidf-lo
>> >>>>> Cc: "'geopriv@ietf.org'" <geopriv@ietf.org>
>> >>>>>
>> >>>>> Henning, you won't be happy with how I would answer these
>> >>>>> questions. See inline. John
>> >>>> <snip>
>> >>>>>> 3) Retention
>> >>>>>>
>> >>>>>> Normal operating procedure is that databases are backed up. Am I
>> >>>>>> liable if a location object accidentally makes it onto the
>> backup
>> >>>>>> tape? (Example: retention is 24 hours; LO arrives at 8 pm;
>> backup
>> >>>>>> is run at midnight. I can't tell the backup routine to not
>> backup
>> >>>>>> that entry.)
>> >>>>>>
>> >>>>>> Worded in its current vagueness, I'm afraid that any large
>> entity
>> >>>>>> who has any exposure at all would be foolish to accept any
>> object
>> >>>>>> that in any way restricts retention and distribution.
>> >>>>> My answer is that big entities will have to cope. In the U.S. at
>> >>>>> least, we have not yet resolved the train wreck that occurs
>> >>>>> between privacy and routine backup tapes. If the info is in a
>> >>>>> backup tape, it can be obtained through subpoena, law enforcement
>> >>>>> request, etc.
>> >>>>>
>> >>>>> And yes, I do think that companies are moving toward a more
>> >>>>> considered backup strategy that takes privacy and other legal
>> >>>>> obligations into account. It will be a slow transistion, but I
>> >>>>> think it will happen.
>> >>>>>
>> >>>>> So any entity concerned about this type of exposure should decide
>> >>>>> that certain information should simply not be retained in
>> >>>>> databases that are routinely backed up. I strongly do not think
>> >>>>> we should allow geopriv to say "do not retain the info longer
>> than
>> >>>>> the rule permits (except routine backups don't count)."
>> >>>>>
>> >>>>>> Henning
>> >>>>> John
>> >>>> At 2:56 PM -0500 11/11/03, Henning Schulzrinne wrote:
>> >>>>> Date: Tue, 11 Nov 2003 14:56:58 -0500
>> >>>>> From: Henning Schulzrinne <hgs@cs.columbia.edu>
>> >>>>> To: John Morris <jmorris@cdt.org>
>> >>>>> Cc: "'geopriv@ietf.org'" <geopriv@ietf.org>
>> >>>>> Subject: Re: [Geopriv] Questions on pidf-lo
>> >>>>>
>> >>>>> John Morris wrote:
>> >>>>>
>> >>>>>> Henning, you won't be happy with how I would answer these
>> >>>>>> questions. See inline. John
>> >>>>> I'm actually happy with *any* consistent and implementable
>> answer.
>> >>>>> I'm mostly concerned that implementors are given insufficient
>> >>>>> guidance in the spec.
>> >>>>>
>> >>>> <snip>
>> >>>>>> My answer is that big entities will have to cope. In the U.S.
>> at
>> >>>>>> least, we have not yet resolved the train wreck that occurs
>> >>>>>> between privacy and routine backup tapes. If the info is in a
>> >>>>>> backup tape, it can be obtained through subpoena, law
>> enforcement
>> >>>>>> request, etc.
>> >>>>>>
>> >>>>>> And yes, I do think that companies are moving toward a more
>> >>>>>> considered backup strategy that takes privacy and other legal
>> >>>>>> obligations into account. It will be a slow transistion, but I
>> >>>>>> think it will happen.
>> >>>>>>
>> >>>>>> So any entity concerned about this type of exposure should
>> decide
>> >>>>>> that certain information should simply not be retained in
>> >>>>>> databases that are routinely backed up. I strongly do not think
>> >>>>>> we should allow geopriv to say "do not retain the info longer
>> >>>>>> than the rule permits (except routine backups don't count)."
>> >>>>> As long as we say "this includes backup media", I'm fine - I'm
>> >>>>> just for clarity. We can't remove every ambiguity, but that's no
>> >>>>> excuse not to be precise where we can.
>> >>>> _______________________________________________
>> >>>> Geopriv mailing list
>> >>>> Geopriv@ietf.org
>> >>>> https://www.ietf.org/mailman/listinfo/geopriv
>> >>>>
>> >>> _______________________________________________
>> >>> Geopriv mailing list
>> >>> Geopriv@ietf.org
>> >>> https://www.ietf.org/mailman/listinfo/geopriv
>> >> --
>> >> ----------------------------------------------------
>> >> Alissa Cooper
>> >> Chief Computer Scientist
>> >> Center for Democracy and Technology
>> >> 202 637 9800 x110
>> >> acooper@cdt.org
>> >> http://www.cdt.org/
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> Geopriv mailing list
>> >> Geopriv@ietf.org
>> >> https://www.ietf.org/mailman/listinfo/geopriv
>> >>
>> >
>> >
>> > _______________________________________________
>> > Geopriv mailing list
>> > Geopriv@ietf.org
>> > https://www.ietf.org/mailman/listinfo/geopriv
>> >
>> _______________________________________________
>> Geopriv mailing list
>> Geopriv@ietf.org
>> https://www.ietf.org/mailman/listinfo/geopriv
>
> ------------------------------------------------------------------------------------------------
> This message is for the designated recipient only and may
> contain privileged, proprietary, or otherwise private information.
> If you have received it in error, please notify the sender
> immediately and delete the original. Any unauthorized use of
> this email is prohibited.
> ------------------------------------------------------------------------------------------------
> [mf2]
>
>

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
Received on Tue, 31 Mar 2009 04:15:17 -0400 (EDT)