17:13:48 RRSAgent has joined #privacy 17:13:48 logging to http://www.w3.org/2013/01/24-privacy-irc 17:14:21 q+ on what review document we're (not) using 17:14:43 ack fjh 17:14:45 -??P26 17:15:13 Npdoty: We are performing reviews informally though we have talked about different documents 17:15:33 +??P26 17:16:50 q? 17:16:58 q- 17:17:28 I was starting to collect resources around Privacy Considerations on the wiki here: http://www.w3.org/wiki/Privacy/Privacy_Considerations 17:17:42 (that list is too short, apologies, I need to dump more links here) 17:19:36 scribenick: npdoty 17:19:44 fjh: took away some concrete suggestions 17:19:59 ... in particular, note a security consideration around combining light/proximity with other information 17:20:08 Three points: 1. thank for reviewing these specs and for taking DAP as a first case 17:20:24 ... but then some other comments went beyond what I thought was in scope for these APIs themselves 17:20:39 2 concrete take away, possibly add privacy consideration on risk when information combined from various APIs 17:21:08 q? 17:21:10 3. noted PING discussion went further beyond the DAP context of the spec, in future call for review may need to include some system context 17:21:17 hannes: some comments that don't give useful to the author of a specification; how could we take this into account beyond stopping work? 17:21:19 4. not sure I received any other take aways 17:22:59 no one was surprised about the event synchronization privacy leak? and here I thought I was being original ;) 17:23:28 fjh: appreciate the time and effort; started with smaller and more isolated specifications 17:23:42 ... other specs would be richer down the line 17:25:00 q+ 17:25:04 q+ 17:25:10 ack fjh 17:25:48 JC has joined #PRIVACY 17:26:13 Tara: You had the proximity spec as well? 17:26:30 Yrlesru: Yes, and I basically had the same comments for it 17:26:50 ... the process was valuable for getting feedback and improving the review process 17:27:51 Npdoty: There is a chance for gleaning information from light sensors, but not with high, med, low settings 17:28:11 ack npdoty 17:28:13 q? 17:28:37 Tara: Henry will cover his outstanding item 17:28:43 npdoty: we learned or noted rather generalized advice regarding device apis that refer to background sensors 17:28:55 Yrlesru: Should a formal response of the reviews be sent? 17:29:03 s/Yrlesru/fjh/ 17:29:15 Tara: An informal response is fine. We would like to see the final response. 17:29:23 I think Erin had actually written up a pretty detailed or formal version 17:29:43 Henry: I chair web ID incubator group 17:29:59 ... identity is an important part of privacy 17:30:15 ... I am interested in feedback from PING 17:30:33 ... something is private or public 17:30:48 There is a difference between public and publicized 17:31:02 http://www.w3.org/2005/Incubator/webid/wiki/Main_Page 17:31:07 ... we have created a few specs, see URLs 17:31:23 https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html 17:31:46 http://www.w3.org/2005/Incubator/webid/spec/ 17:31:57 ... we have an authentication spec for authenticating over TLS with WebID 17:32:12 ... also an interoperability spec, but only a beginning 17:32:16 http://www.w3.org/2005/Incubator/webid/wiki/Identity_Interoperability 17:32:53 Justin Brookman and Thomas Roessler say hello from CPDP. 17:32:58 ... there are many ways to do authentication and they can be separated for different agents 17:33:05 ... ID and password is not good enough 17:33:24 Hullo back to them! 17:33:31 ... for a globally distributed social web creating new accounts is too tedious 17:34:00 ... this has created centralized authentication services, which cause privacy problems 17:34:19 ... we want distributed, decentralized social webs to have privacy 17:34:40 ... otherwise the biggest players will control all of the data over millions of users 17:34:57 ... this may be counterintuitive in this space 17:35:11 ... we would like to have specs to cover the privacy side 17:35:39 q+ 17:35:42 Tara: So you would like the group to address privacy considerations, which includes identity considerations 17:36:02 Henry: We are working on identity which has privacy considerations 17:36:23 http://www.w3.org/2005/Incubator/webid/spec/#publishing-the-webid-profile-document 17:36:36 ... we haven't yet put this into the simple spec, but it is in the SSL spec 17:37:02 ... you can control access to sensitive information with access control 17:37:09 ack npdoty 17:37:15 ... without access control you cannot get the larger elements of privacy 17:37:55 Npdoty: A lot of concerns have been expressed about lack of anonymity on the web. 17:38:14 q+ 17:38:19 ... identity is important for authentication so we know who are friends are. 17:38:44 ... I can see that there is a lot of identity work and could be like the sensor review where the responses are similar 17:39:04 Zakim, unmute me 17:39:04 TallTed should no longer be muted 17:39:08 ... we should think about how we can condense the work or provide general responses 17:39:19 Herny: identity on the web is not new 17:39:28 s/Herny/Hannes/ 17:39:32 ... it should be possible to reuse previous work 17:40:14 ... it not so much the protocol, but the deployment in the way companies use the technology 17:40:33 ... OpenID is a distributed system, but most companies want to own the identity. 17:40:56 ... so I don't see how you avoid the tendency for systems to want to own it in deployment. 17:41:14 q? 17:41:51 Henry: The business model is difficult. Some want to get greedy and can become too big. 17:42:01 BrowserID that I mentioned, is documented as a spec here: https://github.com/mozilla/id-specs/blob/prod/browserid/index.md 17:42:15 (the basis of the project for Mozilla Persona) 17:42:26 ... there are always players that want to work with other orgs and the current systems are orthogonal to each other 17:42:37 Hannes mentioned OpenID: http://openid.net/ 17:42:59 ... in the WebID spec there is no need for a login button. We do it without need for redirect 17:43:06 ack TallTed 17:43:30 Tallted: Privacy concerns here are multiple and challenging. This group can provide guidance 17:43:36 ... for users and spec builders 17:43:49 ... WebID is like a membership card. 17:44:19 ... a simple example. In Star Wars universe I want other rebels to know I'm a rebel, but not imperial guard 17:44:28 ... same if I am an imperial guard 17:44:43 ... I want to express my identity and conceal by choice. 17:45:00 ... I may not know all rules as I start and will need to figure it out as I go 17:45:20 ... people sometimes don't understand that rules are needed at start 17:45:37 ... if people know the rules up front the may be okay with that 17:45:54 ... but they may want to know what happens to their data once it is captured 17:46:03 So, JC is talking about need to know data flow diagram of the use cases, so to know control point for privacy safeguarding controls? 17:46:18 ... everyone has a user base and wants to become an identity provider 17:46:46 Henry: It can be tied to a government ID system 17:46:53 ... And threats at points of control for privacy data lifecycle (collect, use, store, transfer, delete)? 17:47:04 Hannes: If it is the same can't we use the same identitly system 17:47:14 Hannes not on IRC. 17:47:20 Henry: I don't want to have a debate about which is the best system 17:47:22 He is in a sauna in Helsinki. 17:47:38 ... because we are using linked systems and protocols tied to the web 17:47:52 ... we can build distributed systems quite easily 17:47:54 http://bblfish.net/ 17:48:13 ... I have videos about the philosophy of the social web 17:48:28 ... the WebID differentiates the URL from the identity 17:48:45 ... we can work with OpenID and that is what the page is about 17:49:03 ... we need lots of thinking about how these things interoperate well 17:49:56 Tara: We should take this to the mailing list and encourage people to provide feedback you would like to see 17:50:17 Henry: I will propose to working group to work on privacy section and we can progress from there 17:50:18 sounds good. 17:50:53 Tara: Next item - privacy impact checklist or impact assessment from Frank 17:51:02 ... we need to get these documents started 17:51:20 ... not a formal process but things people should consider when writing specs 17:51:33 ... do you have progress on this 17:52:00 yrlesru: I have had an opportunity to present the idea at several venues 17:52:39 ... I don't have a draft, but there is previous material 17:52:53 ... there is a draft 6 of privacy considerations 17:53:26 ... here at CPDP there were comments similar from W3C feedback 17:54:08 ... I'm looking for guidance from those on this call on what engineers want on privacy guidance 17:54:20 Tara: Does anyone on call want to respond? 17:54:46 Npdoty: I like the point on moving to something more systematic 17:54:58 ... the checklist got added from the ad hoc review 17:55:09 Here in CPDP we are hearing about what EU funded research and policy makers are saying needs to be done in a privacy impact assessment. 17:55:20 ... as the reviews occurred we came up with questions for the next review 17:55:20 They say the assessment should consist of: 17:55:38 - Include stakeholders (here the people defining spec), 17:55:57 ... that match IETF experience with privacy considerations 17:56:21 Hannes: The generic questions that we saw are in the privacy considerations draft 17:56:37 https://datatracker.ietf.org/doc/draft-iab-privacy-considerations/ 17:56:50 ... there are lots of things that repeat, though there are slight nuances 17:57:01 ... the point is to make people think about the questions 17:57:13 - Data flow analysis so you understand the data flowing between trusted control points and external interactors, classification of data so that personal data identified and which of that PD is "identifiable", "linkable", "observable", 17:57:14 ... we need to make the assessment again and again 17:57:36 - Then understand where threats are against identified privacy principles, 17:57:50 - Mitigation of threats, 17:58:04 Tara: Nick fingerprining? 17:58:06 YES, Kiitos Tara, will take comments to mailing list... 17:58:15 Npdoty: We should move this to next call. 17:58:18 - Lastly, mitigation to threats. 17:58:46 ... One thing that was mentioned was that the TAG provides high-level architecture guidance for the group 17:59:03 ... they had some advice on fingerprinting 17:59:14 ... I will look at the work and see how it can be combined. 18:00:04 Tara: 21 or 28 for next call? 18:00:10 February 21 or February 28 18:00:25 no conflict on either day for me 18:01:03 i could be 30 min late on 21st 18:01:34 ... next call on February 28 18:01:38 thanks 18:01:46 ... thanks to everyone! 18:01:46 thansk 18:01:48 - +1.509.375.aacc 18:01:51 Thx! 18:01:52 -estephan 18:01:53 -TallTed 18:01:53 -fjh 18:01:53 -npdoty 18:01:54 -tara 18:01:54 -bblfish 18:01:58 -Frank_Dawson_yrlesru 18:01:59 -JC 18:02:00 Team_(privacy)17:00Z has ended 18:02:00 Attendees were +358.504.87aaaa, +1.613.947.aabb, bblfish, +1.509.375.aacc, tara, fjh, estephan, JC, npdoty, TallTed, Frank_Dawson_yrlesru 18:02:02 rrsagent, make logs public 18:02:05 tara has left #privacy 18:02:09 rrsagent, please draft minutes 18:02:09 I have made the request to generate http://www.w3.org/2013/01/24-privacy-minutes.html npdoty 18:02:43 tara has joined #privacy 20:00:55 TallTed has joined #privacy 20:01:35 Zakim has left #privacy 21:36:46 jeffh has joined #privacy 23:27:48 npdoty has joined #privacy