Re: ISSUE-235 (Auditability requirement for security) from Nicholas Doty on 2014-11-19 (public-tracking@w3.org from November 2014)

From: Nicholas Doty <npdoty@w3.org>
Date: Tue, 18 Nov 2014 16:57:47 -0800
To: Walter van Holst <walter.van.holst@xs4all.nl>
Cc: Tracking Protection Working Group <public-tracking@w3.org>
Message-Id: <E5725BDB-44DF-4158-B461-DDE1C1409CE9@w3.org>

Separate as to whether this auditing requirement is a good idea for the recommendation, I'd propose a couple small, friendly amendments to the language, as per below.

> For the purposes of this recommendation, auditable is understood as having sufficient records of access and use of data retained such that an independent auditor would have a reasonable level of confidence that the data retained is exclusively used for the permitted uses or that breaches of this can be detected ex-post. For example, an auditor might use a similar level of confidence to that required for the organization's financial records.


(Use independent instead of third-party, as the document has a separate definition for third-party. Use "recommendation". "Example" rather than "yardstick".)

Thanks,
Nick

On October 29, 2014, at 12:01 PM, Justin Brookman <jbrookman@cdt.org> wrote:

> For those who don’t feel like visiting the wiki, Walter has proposed to retain the auditability requirement, and to clarify with the following language:
> 
> In this context auditable is typically understood that there are sufficient records available of access and use of data retained that a third-party auditor would have a reasonable level of confidence that the data retained is exclusively used for the permitted uses or that  breaches of this can be detected ex-post. A good yardstick of the level of confidence would be a similar level of confidence required for the organisation's financial records.
> 
> </walter>
> 
> I don’t have any great insight into the manner in which companies typically document their access and use of tracking databases, but I’d welcome opinions on whether this would represent a marginal burden to companies.
> 
> On Oct 29, 2014, at 7:59 AM, Walter van Holst <walter.van.holst@xs4all.nl> wrote:
> 
>> On 2014-10-22 17:40, Justin Brookman wrote:
>> 
>>> I do not have a general notion of what an auditor would consider to be
>>> auditable, so why don’t you propose specific text (doesn’t have to be
>>> in the next 20 minutes!) for the group to consider.
>> 
>> I have put a proposal underneath Vincent's in the wiki:
>> 
>> https://www.w3.org/wiki/Privacy/TPWG/Change_Proposal_Remove_auditable_security_requirement
>> 
>> Sadly, I'm very unlikely to be able to attend today's call. Feedback by mail, either on- or off-list would be much appreciated.
>> 
>> Regards,
>> 
>> Walter
> 
> 
>

Received on Wednesday, 19 November 2014 00:57:58 UTC