15:54:09 <RRSAgent> RRSAgent has joined #privacy
15:54:09 <RRSAgent> logging to http://www.w3.org/2015/04/09-privacy-irc
15:54:11 <trackbot> RRSAgent, make logs 263
15:54:11 <Zakim> Zakim has joined #privacy
15:54:13 <trackbot> Zakim, this will be
15:54:13 <Zakim> I don't understand 'this will be', trackbot
15:54:14 <trackbot> Meeting: Privacy Interest Group Teleconference
15:54:14 <trackbot> Date: 09 April 2015
15:54:21 <npdoty> Zakim, this will be ping
15:54:21 <Zakim> ok, npdoty; I see Team_(privacy)16:00Z scheduled to start in 6 minutes
15:56:02 <tara> tara has joined #privacy
15:57:24 <Zakim> Team_(privacy)16:00Z has now started
15:57:31 <Zakim> + +1.613.304.aaaa
15:58:02 <tara> Zakim, aaaa is me
15:58:02 <Zakim> +tara; got it
15:58:23 <christine> christine has joined #privacy
15:58:54 <Zakim> +[IPcaller]
15:59:50 <Zakim> +??P9
15:59:51 <christine> Zakim, IPcaller is me
15:59:51 <Zakim> +christine; got it
16:00:25 <npdoty> Zakim, who is on the phone?
16:00:25 <Zakim> On the phone I see tara, christine, ??P9
16:01:00 <rigo> rigo has joined #privacy
16:01:19 <npdoty> possible topics: TPAC scheduling
16:01:29 <Zakim> +[IPcaller]
16:02:04 <npdoty> Zakim, who is making noise?
16:02:13 <Kepeng> Kepeng has joined #privacy
16:02:17 <Zakim> npdoty, listening for 12 seconds I heard sound from the following: tara (24%), [IPcaller] (26%)
16:02:17 <tara> I am echoing into the call somehow...
16:02:46 <tara> And so is Nick!
16:03:40 <tara> Yes, I thought as much. Hence going quiet for a moment until we sort it out! If they are on IRC...
16:04:12 <Zakim> +Rigo
16:04:23 <npdoty> Zakim, mute IPcaller
16:04:23 <Zakim> [IPcaller] should now be muted
16:05:33 <Kepeng> OK, IPCaller is me. I am muted now. --Kepeng
16:05:46 <tara> Thanks!
16:05:51 <npdoty> ack IP
16:05:59 <npdoty> Zakim, unmute IPcaller
16:05:59 <Zakim> [IPcaller] should no longer be muted
16:06:05 <npdoty> Zakim, IPcaller is Kepeng
16:06:05 <Zakim> +Kepeng; got it
16:06:23 <Zakim> + +1.202.407.aabb
16:08:08 <npdoty> for the minutes, Rigo proposes renaming the Privacy Interest Group "CYBERping"
16:09:19 <christine> GCCS - https://www.gccs2015.com/programme
16:09:53 <npdoty> Berkeley has received grant funding for Long-Term Cybersecurity center: http://www.ischool.berkeley.edu/cltc
16:10:25 <christine> Do we have a scribe?
16:10:28 <npdoty> rigo: legal debate in France about data retention
16:10:40 <tara> Thanks!
16:10:59 <npdoty> ... indiscriminate retention not useful, struck down by ECJ
16:11:24 <npdoty> ... but how to resolve privacy/human rights issues in prediction aspects of big data
16:11:48 <npdoty> ... as opposed to the privacy concerns about computer decisionmaking in the 1970s
16:13:37 <npdoty> npdoty: Berkeley has grant funding, along with other universities, for a Center for Long-Term Cybersecurity
16:13:52 <christine> +q
16:14:10 <npdoty> Zakim, aabb is gregnorcie
16:14:10 <Zakim> +gregnorcie; got it
16:14:57 <npdoty> gregnorcie: Greg Norcie, technologist at CDT, finishing dissertation with Jean Camp
16:15:13 <npdoty> ... embedding human rights into Web standards, so working with PING and a few other organizations to make sure that happens
16:15:51 <npdoty> tara: welcome
16:16:09 <npdoty> ... today a call with less agenda than usual, just sharing items
16:17:24 <npdoty> rigo: gave a talk at Frankfurt law firm about connected cars and security/privacy
16:18:09 <npdoty> ... a car with a valet mode to record audio/video inside and outside the car
16:18:40 <npdoty> ... received some criticism, and some features have been removed
16:19:50 <npdoty> ... concern about hacking into cars and remote control
16:20:23 <npdoty> ... W3C has an Automotive Business Group with many of the organizations involved
16:20:42 <npdoty> ... remote deployment of hotfixes
16:20:55 <npdoty> ack chr
16:21:39 <npdoty> christine: postponed item previously was ISPs injecting headers, is it worth talking about that?
16:21:45 <npdoty> tara: header enrichment
16:24:16 <christine> q+
16:25:15 <npdoty> npdoty: summary of header enrichment, privacy issues of identifiers embedded in network traffic
16:25:17 <npdoty> http://known.npdoty.name/2014/header-enrichment
16:25:25 <npdoty> (nick's list of links about header enrichment)
16:26:16 <tara> ack chr
16:26:32 <npdoty> npdoty: is there W3C work that could be done to help? or could we broker a conversation with interested parties to document how this affects a Web privacy model?
16:26:35 <rigo> q+
16:26:58 <tara> ack rigo
16:27:03 <npdoty> christine: could we issue statements as a group on particular issues, smaller than a Recommendation or Group Note, but could be posted on a blog or with TAG, etc.
16:28:09 <npdoty> rigo: if we could have a presentation on header enrichment, and invite @mnot, chair of relevant IETF HTTP WG
16:28:26 <npdoty> ... how should software react when it encounters such enrichment?
16:29:00 <npdoty> ... are there technical as well as legal restrictions?
16:30:08 <npdoty> christine: will circulate summary from meeting at IETF, to send out shortly.
16:30:30 <npdoty> ... header enrichment not particularly discussed at that time
16:31:21 <npdoty> npdoty: was header enrichment discussed at other IETF wgs?
16:31:26 <npdoty> we're not sure.
16:32:36 <wseltzer> [ it came up as a counter-example in SPUD  ]
16:33:20 <npdoty> https://tools.ietf.org/html/draft-hardie-spud-use-cases-01
16:33:56 <tara> Thanks Wendy!
16:34:05 <npdoty> Substrate Protocol for User Datagrams (SPUD)
16:35:20 <npdoty> rigo: similarly, Opera Mini browser is a sort of proxy browser, where all the requests are handled by the server and then rendered and returned as an image to your device
16:35:44 <npdoty> ... SPDY / HTTP/2 can also use a sort of caching where a server handles subrequests on your behalf
16:36:19 <npdoty> ... could be used as an anonymizing proxy or a central point to facilitate surveillance
16:38:37 <npdoty> npdoty: I had been thinking about header enrichment of identifiers that could match the Web privacy model, for example, origin-specific identifiers and a way for user agents to communicate with the network to clear identifiers
16:40:03 <npdoty> rigo: Workshop on User-Centric Controls in Berlin saw support for more transparency mechanisms, but that evercookies may always be a problem
16:41:00 <npdoty> npdoty: seems like there are some mitigations to an evercookie, and so that new technologies shouldn't introduce trivial new evercookie functionality
16:41:44 <npdoty> tara: summarizing: could have some discussions with mnot/IETF HTTP; we have some documents to review; could release a statement of some kind as a group
16:42:33 <npdoty> rigo: economic concerns about privacy and the cost of building countermeasures and mitigations
16:43:39 <npdoty> ... creating research projects?
16:44:45 <npdoty> Topic: TPAC
16:45:22 <npdoty> tara: will take to the mailing list as well. had a f2f meeting for PING at the last TPAC in Santa Clara which went well. should we plan for that in Japan this year?
16:45:28 <rigo> [note that all the great mental supporters of PING are normally at TPAC]
16:46:10 <npdoty> rigo: lots of interested people would come to PING at TPAC
16:47:15 <npdoty> npdoty: +1, and useful because some coordination possible with IETF
16:47:50 <tara> TAG is meeting two weeks from now--  F2F in SF
16:48:43 <npdoty> npdoty: TAG interested in discussing privacy and security reviews
16:49:41 <tara> Other advantage of TPAC is being able to sit in on other group's meetings and see privacy issues in those grou[s
16:50:09 <npdoty> npdoty: will meet with TAG and discuss mkwest questionnaire and our experience with privacy reviews
16:50:49 <npdoty> Kepeng: conference call time is difficult for Chinese participants
16:51:29 <rigo> 7am in Silicon Valley is hard :)
16:54:59 <npdoty> npdoty: we could have separate calls / alternating, for people to talk Asian morning / US afternoon
16:55:22 <npdoty> rigo: has been tried, but not sure what our attendance would be
16:56:00 <npdoty> tara: can look at alternate times
16:56:26 <npdoty> i/Kepeng/Topic: call time/
16:56:34 <npdoty> christine: May 14th?
16:56:53 <npdoty> 14th looks good to me
16:57:15 <npdoty> tara: same time for next call, but will look at other options
16:57:25 <Zakim> -gregnorcie
16:57:26 <Zakim> -Rigo
16:57:26 <Zakim> -tara
16:57:27 <Zakim> -christine
16:57:30 <Zakim> -??P9
16:57:30 <npdoty> chair: tara
16:57:35 <npdoty> trackbot, end meeting
16:57:35 <trackbot> Zakim, list attendees
16:57:36 <Zakim> As of this point the attendees have been +1.613.304.aaaa, tara, christine, Rigo, Kepeng, +1.202.407.aabb, gregnorcie
16:57:42 <Zakim> -Kepeng
16:57:43 <Zakim> Team_(privacy)16:00Z has ended
16:57:43 <Zakim> Attendees were +1.613.304.aaaa, tara, christine, Rigo, Kepeng, +1.202.407.aabb, gregnorcie
16:57:43 <trackbot> RRSAgent, please draft minutes
16:57:43 <RRSAgent> I have made the request to generate http://www.w3.org/2015/04/09-privacy-minutes.html trackbot
16:57:44 <trackbot> RRSAgent, bye
16:57:54 <npdoty> rrsagent, make logs public
16:58:00 <npdoty> rrsagent, please draft the minutes
16:58:00 <RRSAgent> I have made the request to generate http://www.w3.org/2015/04/09-privacy-minutes.html npdoty
16:58:45 <npdoty> npdoty has changed the topic to: Privacy Interest Group minutes from April: https://www.w3.org/2015/04/09-privacy-minutes.html
16:58:52 <npdoty> RRSAgent, bye
16:58:52 <RRSAgent> I see no action items