IRC log of privacy on 2013-01-24

Timestamps are in UTC.

17:13:48 [RRSAgent]
RRSAgent has joined #privacy
17:13:48 [RRSAgent]
logging to
17:14:21 [npdoty]
q+ on what review document we're (not) using
17:14:43 [tara]
ack fjh
17:15:13 [JC]
Npdoty: We are performing reviews informally though we have talked about different documents
17:16:50 [tara]
17:16:58 [npdoty]
17:17:28 [npdoty]
I was starting to collect resources around Privacy Considerations on the wiki here:
17:17:42 [npdoty]
(that list is too short, apologies, I need to dump more links here)
17:19:36 [npdoty]
scribenick: npdoty
17:19:44 [npdoty]
fjh: took away some concrete suggestions
17:19:59 [npdoty]
... in particular, note a security consideration around combining light/proximity with other information
17:20:08 [fjh]
Three points: 1. thanks for reviewing these specs and for taking DAP as a first case
17:20:24 [npdoty]
... but then some other comments went beyond what I thought was in scope for these APIs themselves
17:20:39 [fjh]
2. concrete takeaway, possibly add privacy consideration on risk when information combined from various APIs
17:21:08 [tara]
17:21:10 [fjh]
3. noted PING discussion went further beyond the DAP context of the spec, in future call for review may need to include some system context
17:21:17 [npdoty]
hannes: some comments that don't give useful to the author of a specification; how could we take this into account beyond stopping work?
17:21:19 [fjh]
4. not sure I received any other take aways
17:22:59 [npdoty]
no one was surprised about the event synchronization privacy leak? and here I thought I was being original ;)
17:23:28 [npdoty]
fjh: appreciate the time and effort; started with smaller and more isolated specifications
17:23:42 [npdoty]
... other specs would be richer down the line
17:25:00 [fjh]
17:25:04 [npdoty]
17:25:10 [tara]
ack fjh
17:25:48 [JC]
JC has joined #PRIVACY
17:26:13 [JC]
Tara: You had the proximity spec as well?
17:26:30 [JC]
Yrlesru: Yes, and I basically had the same comments for it
17:26:50 [JC]
... the process was valuable for getting feedback and improving the review process
17:27:51 [JC]
Npdoty: There is a chance for gleaning information from light sensors, but not with high, med, low settings
17:28:11 [tara]
ack npdoty
17:28:13 [fjh]
17:28:37 [JC]
Tara: Henry will cover his outstanding item
17:28:43 [npdoty]
npdoty: we learned or noted rather generalized advice regarding device apis that refer to background sensors
17:28:55 [JC]
Yrlesru: Should a formal response of the reviews be sent?
17:29:03 [npdoty]
17:29:15 [JC]
Tara: An informal response is fine. We would like to see the final response.
17:29:23 [npdoty]
I think Erin had actually written up a pretty detailed or formal version
17:29:43 [JC]
Henry: I chair web ID incubator group
17:29:59 [JC]
... identity is an important part of privacy
17:30:15 [JC]
... I am interested in feedback from PING
17:30:33 [JC]
... something is private or public
17:30:48 [JC]
There is a difference between public and publicized
17:31:02 [bblfish]
17:31:07 [JC]
... we have created a few specs, see URLs
17:31:23 [bblfish]
17:31:46 [bblfish]
17:31:57 [JC]
... we have an authentication spec for authenticating over TLS with WebID
17:32:12 [JC]
... also an interoperability spec, but only a beginning
17:32:16 [bblfish]
17:32:53 [yrlesru]
Justin Brookman and Thomas Roessler say hello from CPDP.
17:32:58 [JC]
... there are many ways to do authentication and they can be separated for different agents
17:33:05 [JC]
... ID and password is not good enough
17:33:24 [tara]
Hullo back to them!
17:33:31 [JC]
... for a globally distributed social web creating new accounts is too tedious
17:34:00 [JC]
... this has created centralized authentication services, which cause privacy problems
17:34:19 [JC]
... we want distributed, decentralized social webs to have privacy
17:34:40 [JC]
... otherwise the biggest players will control all of the data over millions of users
17:34:57 [JC]
... this may be counterintuitive in this space
17:35:11 [JC]
... we would like to have specs to cover the privacy side
17:35:39 [npdoty]
17:35:42 [JC]
Tara: So you would like the group to address privacy considerations, which includes identity considerations
17:36:02 [JC]
Henry: We are working on identity which has privacy considerations
17:36:23 [bblfish]
17:36:36 [JC]
... we haven't yet put this into the simple spec, but it is in the SSL spec
17:37:02 [JC]
... you can control access to sensitive information with access control
17:37:09 [tara]
ack npdoty
17:37:15 [JC]
... without access control you cannot get the larger elements of privacy
17:37:55 [JC]
Npdoty: A lot of concerns have been expressed about lack of anonymity on the web.
17:38:14 [TallTed]
17:38:19 [JC]
... identity is important for authentication so we know who our friends are.
17:38:44 [JC]
... I can see that there is a lot of identity work and could be like the sensor review where the responses are similar
17:39:04 [TallTed]
Zakim, unmute me
17:39:04 [Zakim]
TallTed should no longer be muted
17:39:08 [JC]
... we should think about how we can condense the work or provide general responses
17:39:19 [JC]
Henry: identity on the web is not new
17:39:28 [npdoty]
17:39:32 [JC]
... it should be possible to reuse previous work
17:40:14 [JC]
... it is not so much the protocol, but the deployment in the way companies use the technology
17:40:33 [JC]
... OpenID is a distributed system, but most companies want to own the identity.
17:40:56 [JC]
... so I don't see how you avoid the tendency for systems to want to own it in deployment.
17:41:14 [TallTed]
17:41:51 [JC]
Henry: The business model is difficult. Some want to get greedy and can become too big.
17:42:01 [npdoty]
BrowserID that I mentioned, is documented as a spec here:
17:42:15 [npdoty]
(the basis of the project for Mozilla Persona)
17:42:26 [JC]
... there are always players that want to work with other orgs and the current systems are orthogonal to each other
17:42:37 [npdoty]
Hannes mentioned OpenID:
17:42:59 [JC]
... in the WebID spec there is no need for a login button. We do it without need for redirect
17:43:06 [npdoty]
ack TallTed
17:43:30 [JC]
TallTed: Privacy concerns here are multiple and challenging. This group can provide guidance
17:43:36 [JC]
... for users and spec builders
17:43:49 [JC]
... WebID is like a membership card.
17:44:19 [JC]
... a simple example. In Star Wars universe I want other rebels to know I'm a rebel, but not imperial guard
17:44:28 [JC]
... same if I am an imperial guard
17:44:43 [JC]
... I want to express my identity and conceal by choice.
17:45:00 [JC]
... I may not know all rules as I start and will need to figure it out as I go
17:45:20 [JC]
... people sometimes don't understand that rules are needed at start
17:45:37 [JC]
... if people know the rules up front they may be okay with that
17:45:54 [JC]
... but they may want to know what happens to their data once it is captured
17:46:03 [yrlesru]
So, JC is talking about need to know data flow diagram of the use cases, so to know control point for privacy safeguarding controls?
17:46:18 [JC]
... everyone has a user base and wants to become an identity provider
17:46:46 [JC]
Henry: It can be tied to a government ID system
17:46:53 [yrlesru]
... And threats at points of control for privacy data lifecycle (collect, use, store, transfer, delete)?
17:47:04 [JC]
Hannes: If it is the same can't we use the same identity system?
17:47:14 [yrlesru]
Hannes not on IRC.
17:47:20 [JC]
Henry: I don't want to have a debate about which is the best system
17:47:22 [yrlesru]
He is in a sauna in Helsinki.
17:47:38 [JC]
... because we are using linked systems and protocols tied to the web
17:47:52 [JC]
... we can build distributed systems quite easily
17:47:54 [bblfish]
17:48:13 [JC]
... I have videos about the philosophy of the social web
17:48:28 [JC]
... the WebID differentiates the URL from the identity
17:48:45 [JC]
... we can work with OpenID and that is what the page is about
17:49:03 [JC]
... we need lots of thinking about how these things interoperate well
17:49:56 [JC]
Tara: We should take this to the mailing list and encourage people to provide feedback you would like to see
17:50:17 [JC]
Henry: I will propose to working group to work on privacy section and we can progress from there
17:50:18 [npdoty]
sounds good.
17:50:53 [JC]
Tara: Next item - privacy impact checklist or impact assessment from Frank
17:51:02 [JC]
... we need to get these documents started
17:51:20 [JC]
... not a formal process but things people should consider when writing specs
17:51:33 [JC]
... do you have progress on this?
17:52:00 [JC]
yrlesru: I have had an opportunity to present the idea at several venues
17:52:39 [JC]
... I don't have a draft, but there is previous material
17:52:53 [JC]
... there is a draft 6 of privacy considerations
17:53:26 [JC]
... here at CPDP there were comments similar from W3C feedback
17:54:08 [JC]
... I'm looking for guidance from those on this call on what engineers want on privacy guidance
17:54:20 [JC]
Tara: Does anyone on call want to respond?
17:54:46 [JC]
Npdoty: I like the point on moving to something more systematic
17:54:58 [JC]
... the checklist got added from the ad hoc review
17:55:09 [yrlesru]
Here in CPDP we are hearing about what EU funded research and policy makers are saying needs to be done in a privacy impact assessment.
17:55:20 [JC]
... as the reviews occurred we came up with questions for the next review
17:55:20 [yrlesru]
They say the assessment should consist of:
17:55:38 [yrlesru]
- Include stakeholders (here the people defining spec),
17:55:57 [JC]
... that match IETF experience with privacy considerations
17:56:21 [JC]
Hannes: The generic questions that we saw are in the privacy considerations draft
17:56:37 [npdoty]
17:56:50 [JC]
... there are lots of things that repeat, though there are slight nuances
17:57:01 [JC]
... the point is to make people think about the questions
17:57:13 [yrlesru]
- Data flow analysis so you understand the data flowing between trusted control points and external interactors, classification of data so that personal data identified and which of that PD is "identifiable", "linkable", "observable",
17:57:14 [JC]
... we need to make the assessment again and again
17:57:36 [yrlesru]
- Then understand where threats are against identified privacy principles,
17:57:50 [yrlesru]
- Mitigation of threats,
17:58:04 [JC]
Tara: Nick fingerprinting?
17:58:06 [yrlesru]
YES, Kiitos Tara, will take comments to mailing list...
17:58:15 [JC]
Npdoty: We should move this to next call.
17:58:18 [yrlesru]
- Lastly, mitigation to threats.
17:58:46 [JC]
... One thing that was mentioned was that the TAG provides high-level architecture guidance for the group
17:59:03 [JC]
... they had some advice on fingerprinting
17:59:14 [JC]
... I will look at the work and see how it can be combined.
18:00:04 [JC]
Tara: 21 or 28 for next call?
18:00:10 [npdoty]
February 21 or February 28
18:00:25 [npdoty]
no conflict on either day for me
18:01:03 [fjh]
I could be 30 min late on 21st
18:01:34 [JC]
... next call on February 28
18:01:38 [fjh]
18:01:46 [JC]
... thanks to everyone!
18:01:46 [bblfish]
18:01:48 [Zakim]
- +1.509.375.aacc
18:01:51 [yrlesru]
18:02:00 [Zakim]
Team_(privacy)17:00Z has ended
18:02:00 [Zakim]
Attendees were +358.504.87aaaa, +1.613.947.aabb, bblfish, +1.509.375.aacc, tara, fjh, estephan, JC, npdoty, TallTed, Frank_Dawson_yrlesru
18:02:02 [npdoty]
rrsagent, make logs public
18:02:05 [tara]
tara has left #privacy
18:02:09 [npdoty]
rrsagent, please draft minutes
18:02:09 [RRSAgent]
I have made the request to generate npdoty
18:02:43 [tara]
tara has joined #privacy
20:00:55 [TallTed]
TallTed has joined #privacy
20:01:35 [Zakim]
Zakim has left #privacy
21:36:46 [jeffh]
jeffh has joined #privacy
23:27:48 [npdoty]
npdoty has joined #privacy