From IETF-RUN@mailbag.cps.intel.com Tue May 4 12:25:17 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA11547 for ; Tue, 4 May 1999 12:25:16 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id JAA05444; Tue, 4 May 1999 09:08:25 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 94631 for IETF-RUN@MAILBAG.INTEL.COM; Tue, 4 May 1999 09:08:24 -0700 Received: from mm02snlnto.sandia.gov (mm02snlnto.sandia.gov [132.175.109.21]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with SMTP id IAA05321 for ; Tue, 4 May 1999 08:58:22 -0700 (PDT) Received: from 132.175.109.1 by mm02snlnto.sandia.gov with ESMTP ( WorldSecure Server SMTP Relay(WSS) v3.5); Tue, 04 May 99 09:53:11 -0600 X-Server-Uuid: 7edb479a-fd89-11d2-9a77-0090273cd58c Received: from sandia.gov (oshaka.sandia.gov [134.253.45.46]) by sass165.sandia.gov (8.9.3/8.9.3) with ESMTP id JAA07666 for ; Tue, 4 May 1999 09:55:53 -0600 (MDT) X-Mailer: Mozilla 4.05 [en] (X11; U; IRIX 6.2 IP22) MIME-Version: 1.0 X-WSS-ID: 1B31C86D26793-01-01 Content-Type: multipart/alternative; boundary=------------EBFADA559CA12FEA215C3A13 Message-ID: <372F1885.AD9CB1EB@sandia.gov> Date: Tue, 4 May 1999 09:55:50 -0600 Reply-To: IETF-RUN Sender: IETF-RUN From: Barbara Jennings Subject: Whereareweat? To: IETF-RUN@mailbag.cps.intel.com --------------EBFADA559CA12FEA215C3A13 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Ted/List, Where are we at with contributing to the draft? I can provide notes or a section on privacy - and could come up with a strawman for security. Both of which would only serve as a starting place. But I don't want to duplicate effort - so please advise. --Barbara -- Barbara Jennings Sandia National Laboratories P.O. Box 5800 Albuquerque, New Mexico 87185 (505)845-8554 FAX (505)844-2067 ============================================================= "Remember, Ginger Rogers did everything Fred Astaire did, but she did it backwards and in high heels." --Faith Whittlesey --------------EBFADA559CA12FEA215C3A13 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Ted/List,

  Where are we at with contributing to the draft? I can provide
notes or a section on privacy - and could come up with a
strawman for security.  Both of which would only serve as
a starting place.

  But I don't want to duplicate effort - so please advise.

--Barbara
  

-- 

Barbara Jennings
Sandia National Laboratories
P.O. Box 5800
Albuquerque, New Mexico  87185
(505)845-8554 FAX (505)844-2067
=============================================================

"Remember, Ginger Rogers did everything Fred Astaire did,
but she did it backwards and in high heels."

                                           --Faith Whittlesey
  --------------EBFADA559CA12FEA215C3A13-- From IETF-RUN@mailbag.cps.intel.com Tue May 4 16:26:33 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA26219 for ; Tue, 4 May 1999 16:26:32 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id NAA08947; Tue, 4 May 1999 13:13:07 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 95019 for IETF-RUN@MAILBAG.INTEL.COM; Tue, 4 May 1999 13:13:07 -0700 Received: from cor.pennvent.com ([12.3.208.92]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id NAA08940 for ; Tue, 4 May 1999 13:13:04 -0700 (PDT) Received: by airmail.pennvent.com with Internet Mail Service (5.5.2448.0) id ; Tue, 4 May 1999 16:14:52 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain Message-ID: Date: Tue, 4 May 1999 16:14:51 -0400 Reply-To: IETF-RUN Sender: IETF-RUN From: "Gavin, Ted (COR-EX)" Subject: Re: Whereareweat? To: IETF-RUN@mailbag.cps.intel.com Hi Barbara. Thanks for writing. Yes, please do post some thoughts on security. While I'm on vacation next week with some happy usenet pals, I'll be putting together an intital rewrite and posting it to the list shortly after. You should be seeing something around the 20th of this month, and from there, we can start narrowing in on key points to modify, add, or remove. Ted > -----Original Message----- > From: Barbara Jennings [SMTP:bjjenni@SANDIA.GOV] > Sent: Tuesday, May 04, 1999 11:56 AM > To: IETF-RUN@MAILBAG.INTEL.COM > Subject: Whereareweat? > > Ted/List, > > Where are we at with contributing to the draft? I can provide > notes or a section on privacy - and could come up with a > strawman for security. Both of which would only serve as > a starting place. > > But I don't want to duplicate effort - so please advise. > > --Barbara > > -- > > Barbara Jennings > Sandia National Laboratories > P.O. Box 5800 > Albuquerque, New Mexico 87185 > (505)845-8554 FAX (505)844-2067 > ============================================================= > > "Remember, Ginger Rogers did everything Fred Astaire did, > but she did it backwards and in high heels." > > --Faith Whittlesey > From IETF-RUN@mailbag.cps.intel.com Mon May 17 14:36:31 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA02846 for ; Mon, 17 May 1999 14:36:30 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id LAA04223; Mon, 17 May 1999 11:19:48 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 103730 for IETF-RUN@MAILBAG.INTEL.COM; Mon, 17 May 1999 11:19:47 -0700 Received: from mm01snlnto.sandia.gov (mm01snlnto.sandia.gov [132.175.109.20]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with SMTP id LAA04072 for ; Mon, 17 May 1999 11:09:46 -0700 (PDT) Received: from 132.175.109.1 by mm01snlnto.sandia.gov with ESMTP ( WorldSecure Server SMTP Relay(WSS) v3.5); Mon, 17 May 99 12:07:22 -0600 X-Server-Uuid: 7edb479a-fd89-11d2-9a77-0090273cd58c Received: from sandia.gov (oshaka.sandia.gov [134.253.45.46]) by sass165.sandia.gov (8.9.3/8.9.3) with ESMTP id MAA27554 for ; Mon, 17 May 1999 12:07:20 -0600 (MDT) X-Mailer: Mozilla 4.05 [en] (X11; U; IRIX 6.2 IP22) MIME-Version: 1.0 X-WSS-ID: 1B5E855044493-01-01 Content-Type: multipart/alternative; boundary=------------49853CDB39FC0B3F9471FF27 Message-ID: <37405AD9.B686273@sandia.gov> Date: Mon, 17 May 1999 12:07:21 -0600 Reply-To: IETF-RUN Sender: IETF-RUN From: Barbara Jennings Subject: draft-ietf-run-adverts-00.txt To: IETF-RUN@mailbag.cps.intel.com --------------49853CDB39FC0B3F9471FF27 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Strawman section on Privacy. Comments welcome. -- Barbara Why Web Privacy? Directories, lists, or other collection sources of personal data are the current informational 'gold rush' for marketing in the United States. The U.S. Constitution contains no explicit guarantee of personal privacy. Such a right, under current legislation stands little chance against electronic technologies. The American public has expressed concern regarding intrusion into their personal privacy. Still the collection and sale of such information abounds. Self regulation by businesses utilitizing the Internet is the first choice of legislators, commercial websites and Internet aficionados. However, the profits to be made by selling personal information, and by using these lists for advertisement purposes often disuades self regulation. Senator Patrick Leahy, Ranking Minority member of the Senate Judiciary Committee states very succintly, why we should consider Internet Privacy. "Good privacy policies make good business policies. New technologies bring with them new opportunities, both for the businesses that develop and market them, and for consumers. It does not do anyone any good for consumers to hesitate to use any particular technology because they have concerns over privacy. That is why I believe that good privacy policies make good business policies." The Center for Democracy and Technology suggests 5 conditions that sites should follow tobe considerate of individuals rights to privacy: Notice of data collection Choice to opt out Access to data to rectify errors Adequate security of information database Access to contact persons at website Notice the practice of data collection authorization can be accomplished in something as simple as an automated response. This will help assure your customers that you are a business of integrity. An additional consideration that must be made is for those businesses that intend to pursue international trade with foreign countries. The European Communities have legislation for the flow of personal information. If your are inteseted in doing business across borders and particulary if you intend to share custotmer information, you will need to be able to guarantee the same privacy considerations as your foreign counterpart. Other countries and their legislation is shown below: Germany BundesDatenSchutzGesetz (BDSG) France Commision Nationale de l'informatique et de libertes (CNIL) UK Data Protection Act (DPA) Netherlands Wet PersoonsRegistraties (WPR) Australia Privacy Act 1998 (OECD DAta Protection Guidelines) Canada The Personal Information Protection and Electronic Documents Act -- Barbara Jennings Sandia National Laboratories P.O. Box 5800 M/S 0807 Albuquerque, New Mexico 87185 (505)845-8554 FAX (505)844-2067 bjjenni@sandia.gov ============================================================= "Life is to be spent not saved." D.H. Laurence --------------49853CDB39FC0B3F9471FF27 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Strawman section on Privacy.  Comments welcome.

  -- Barbara
 

Why Web Privacy?
 

Directories, lists, or other collection sources of  personal data are the current
informational 'gold rush' for marketing in the United States.  The U.S. Constitution
contains no explicit guarantee of personal privacy.  Such a right, under current
legislation stands little chance against electronic technologies. The American public
has expressed concern regarding intrusion into their personal privacy.  Still the collection and sale of such information abounds.
 

Self regulation by businesses utilitizing the Internet is the first choice of legislators,
commercial websites and Internet aficionados.  However, the profits to be made
by selling personal information, and by using these lists for advertisement purposes
often disuades self regulation.
 

Senator Patrick Leahy, Ranking Minority member of the Senate Judiciary
Committee states very succintly, why we should consider Internet Privacy. "Good
privacy policies make good business policies. New technologies bring with them new
opportunities, both for the businesses that develop and market them, and for consumers.
It does not do anyone any good for consumers to hesitate to use any particular
technology because they have concerns over privacy. That is why I believe that good
privacy policies make good business policies."
 

The Center for Democracy and Technology suggests 5 conditions that sites
should follow tobe considerate of individuals rights to privacy:
 

        Notice of data collection
        Choice to opt out
        Access to data to rectify errors
        Adequate security of information database
        Access to contact persons at website
 

Notice the practice of data collection authorization can be accomplished in
something as simple as an automated response.  This will help assure your
customers that you are a business of integrity.
 

An additional consideration that must be made is for those businesses that intend to
pursue international trade with foreign countries.  The European Communities have legislation for the flow of personal information.  If your are inteseted in doing business
across borders and particulary if you intend to share custotmer information, you will need
to be able to guarantee the same privacy considerations as your foreign counterpart.
 

Other countries and their legislation is shown below:
 

        Germany          BundesDatenSchutzGesetz  (BDSG) 
        France              Commision Nationale de l'informatique et de
                                      libertes  (CNIL)
        UK                       Data Protection Act (DPA)
        Netherlands     Wet PersoonsRegistraties (WPR)
        Australia            Privacy Act 1998 (OECD DAta Protection
                                       Guidelines)
        Canada            The Personal Information Protection and Electronic
                                       Documents Act 

-- 

Barbara Jennings
Sandia National Laboratories
P.O. Box 5800 M/S 0807
Albuquerque, New Mexico  87185
(505)845-8554 FAX (505)844-2067
bjjenni@sandia.gov
=============================================================

"Life is to be spent not saved."

  D.H. Laurence
  --------------49853CDB39FC0B3F9471FF27-- From IETF-RUN@mailbag.cps.intel.com Mon May 17 14:59:53 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA03168 for ; Mon, 17 May 1999 14:59:53 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id LAA04572; Mon, 17 May 1999 11:47:00 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 103803 for IETF-RUN@MAILBAG.INTEL.COM; Mon, 17 May 1999 11:47:00 -0700 Received: from ftpbox.mot.com (ftpbox.mot.com [129.188.136.101]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id LAA04565 for ; Mon, 17 May 1999 11:46:59 -0700 (PDT) Received: [from pobox.mot.com (pobox.mot.com [129.188.137.100]) by ftpbox.mot.com (MOT-ftpbox 1.0) with ESMTP id NAA02613 for ; Mon, 17 May 1999 13:44:32 -0500 (CDT)] Received: [from az33exi02.corp.mot.com (az33exi02.corp.mot.com [129.188.185.180]) by pobox.mot.com (MOT-pobox 2.0) with ESMTP id NAA02288 for ; Mon, 17 May 1999 13:44:32 -0500 (CDT)] Received: by AZ33EXI02 with Internet Mail Service (5.5.2448.0) id ; Mon, 17 May 1999 19:44:31 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Message-ID: Date: Mon, 17 May 1999 19:44:29 +0100 Reply-To: IETF-RUN Sender: IETF-RUN From: Austin Bill-P23393 Subject: Re: draft-ietf-run-adverts-00.txt Comments: To: IETF-RUN To: IETF-RUN@mailbag.cps.intel.com It is kind of US centric. Maybe tone that down in the first paragraph as shown below. -----Original Message----- From: Barbara Jennings [mailto:bjjenni@SANDIA.GOV] Sent: Monday, May 17, 1999 11:07 AM To: IETF-RUN@mailbag.cps.intel.com Subject: draft-ietf-run-adverts-00.txt Strawman section on Privacy. Comments welcome. -- Barbara Why Web Privacy? Directories, lists, or other collection sources of personal data are the current informational 'gold rush' for Internet market ers . In the U nited States, there is no explicit guarantee of personal privacy. Such a right, under current legislation stands little chance against electronic technologies. The American public has expressed concern regarding intrusion into their personal privacy. Still the collection and sale of such information abounds. Bill Austin http://home.att.net/~wbaustin/ http://aztec.asu.edu/ http://arizona.motorola.com/ From IETF-RUN@mailbag.cps.intel.com Tue May 18 04:17:20 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA23194 for ; Tue, 18 May 1999 04:17:20 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id BAA12910; Tue, 18 May 1999 01:03:42 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 102887 for IETF-RUN@MAILBAG.INTEL.COM; Tue, 18 May 1999 01:03:41 -0700 Received: from beatles.cselt.it (beatles.cselt.it [163.162.29.125]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id BAA12903 for ; Tue, 18 May 1999 01:03:40 -0700 (PDT) Received: from beatles.cselt.it (beatles.cselt.stet.it [163.162.29.125]) by beatles.cselt.it (8.8.6/8.8.5) with SMTP id KAA00779 for ; Tue, 18 May 1999 10:00:19 +0200 (MET DST) MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: eLbidcFAVqswmOU87af9jg== X-Mailer: dtmail 1.2.0 CDE Version 1.2 SunOS 5.6 sun4u sparc Message-ID: <199905180800.KAA00779@beatles.cselt.it> Date: Tue, 18 May 1999 10:00:19 +0200 Reply-To: Maurizio Codogno Sender: IETF-RUN From: Maurizio Codogno Subject: Re: draft-ietf-run-adverts-00.txt Comments: To: IETF-RUN@mailbag.cps.intel.com To: IETF-RUN@mailbag.cps.intel.com " Strawman section on Privacy. Comments welcome. For Italy (in Italian) there is some info at http://www.privacy.it/indice675/indicealfa.html "Legge per la tutela dei dati personali" ciao, .mau. From IETF-RUN@mailbag.cps.intel.com Tue May 18 09:54:50 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA02423 for ; Tue, 18 May 1999 09:54:49 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id GAA16167; Tue, 18 May 1999 06:41:08 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 103348 for IETF-RUN@MAILBAG.INTEL.COM; Tue, 18 May 1999 06:41:07 -0700 Received: from cor.pennvent.com ([12.3.208.92]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id GAA16160 for ; Tue, 18 May 1999 06:41:04 -0700 (PDT) Received: by airmail.pennvent.com with Internet Mail Service (5.5.2448.0) id ; Tue, 18 May 1999 09:43:06 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Message-ID: Date: Tue, 18 May 1999 09:43:04 -0400 Reply-To: IETF-RUN Sender: IETF-RUN From: "Gavin, Ted (COR-EX)" Subject: Re: draft-ietf-run-adverts-00.txt To: IETF-RUN@mailbag.cps.intel.com This is good material. But, I think we risk creating more burden in including anything beyond a topical mention that there *are* local laws regarding privacy. If we include countries, then as those laws are changed, we face the burden of an undending chain of RFCs. Just my thoughts. tg > -----Original Message----- > From: Barbara Jennings [SMTP:bjjenni@SANDIA.GOV] > Sent: Monday, May 17, 1999 2:07 PM > To: IETF-RUN@MAILBAG.INTEL.COM > Subject: draft-ietf-run-adverts-00.txt > > Strawman section on Privacy. Comments welcome. > > -- Barbara > > > Why Web Privacy? > > > Directories, lists, or other collection sources of personal data are the > current > informational 'gold rush' for marketing in the United States. The U.S. > Constitution > contains no explicit guarantee of personal privacy. Such a right, under > current > legislation stands little chance against electronic technologies. The > American public > has expressed concern regarding intrusion into their personal privacy. > Still the collection and sale of such information abounds. > > > Self regulation by businesses utilitizing the Internet is the first choice > of legislators, > commercial websites and Internet aficionados. However, the profits to be > made > by selling personal information, and by using these lists for > advertisement purposes > often disuades self regulation. > > > Senator Patrick Leahy, Ranking Minority member of the Senate Judiciary > Committee states very succintly, why we should consider Internet Privacy. > "Good > privacy policies make good business policies. New technologies bring with > them new > opportunities, both for the businesses that develop and market them, and > for consumers. > It does not do anyone any good for consumers to hesitate to use any > particular > technology because they have concerns over privacy. That is why I believe > that good > privacy policies make good business policies." > > > The Center for Democracy and Technology suggests 5 conditions that sites > should follow tobe considerate of individuals rights to privacy: > > > Notice of data collection > Choice to opt out > Access to data to rectify errors > Adequate security of information database > Access to contact persons at website > > > Notice the practice of data collection authorization can be accomplished > in > something as simple as an automated response. This will help assure your > customers that you are a business of integrity. > > > An additional consideration that must be made is for those businesses that > intend to > pursue international trade with foreign countries. The European > Communities have legislation for the flow of personal information. If > your are inteseted in doing business > across borders and particulary if you intend to share custotmer > information, you will need > to be able to guarantee the same privacy considerations as your foreign > counterpart. > > > Other countries and their legislation is shown below: > > > Germany BundesDatenSchutzGesetz (BDSG) > France Commision Nationale de l'informatique et de > libertes (CNIL) > UK Data Protection Act (DPA) > Netherlands Wet PersoonsRegistraties (WPR) > Australia Privacy Act 1998 (OECD DAta Protection > Guidelines) > Canada The Personal Information Protection and > Electronic > Documents Act > -- > > Barbara Jennings > Sandia National Laboratories > P.O. Box 5800 M/S 0807 > Albuquerque, New Mexico 87185 > (505)845-8554 FAX (505)844-2067 > bjjenni@sandia.gov > ============================================================= > > "Life is to be spent not saved." > > D.H. Laurence > From IETF-RUN@mailbag.cps.intel.com Tue May 18 11:48:41 1999 Received: from mailbag.cps.intel.com (mailbag.cps.intel.com [192.102.199.72]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA09488 for ; Tue, 18 May 1999 11:48:41 -0400 (EDT) Received: from mailbag.intel.com (mailbag.cps.intel.com [192.102.199.72]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with ESMTP id IAA17499; Tue, 18 May 1999 08:26:06 -0700 (PDT) Received: from MAILBAG.INTEL.COM by MAILBAG.INTEL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 103463 for IETF-RUN@MAILBAG.INTEL.COM; Tue, 18 May 1999 08:26:05 -0700 Received: from mm02snlnto.sandia.gov (mm02snlnto.sandia.gov [132.175.109.21]) by mailbag.cps.intel.com (8.9.1a+p1/8.9.1/d: relay.m4,v 1.6 1998/11/24 22:10:56 iwep Exp iwep $) with SMTP id IAA17073 for ; Tue, 18 May 1999 08:15:56 -0700 (PDT) Received: from 132.175.109.1 by mm02snlnto.sandia.gov with ESMTP ( WorldSecure Server SMTP Relay(WSS) v3.5); Tue, 18 May 99 09:13:34 -0600 X-Server-Uuid: 7edb479a-fd89-11d2-9a77-0090273cd58c Received: from sandia.gov (oshaka.sandia.gov [134.253.45.46]) by sass165.sandia.gov (8.9.3/8.9.3) with ESMTP id JAA21314 for ; Tue, 18 May 1999 09:13:34 -0600 (MDT) X-Mailer: Mozilla 4.05 [en] (X11; U; IRIX 6.2 IP22) MIME-Version: 1.0 References: X-WSS-ID: 1B5F5C1483152-01-01 Content-Type: multipart/alternative; boundary=------------D2C99678B9D0008DACDF1FA2 Message-ID: <3741839C.66967113@sandia.gov> Date: Tue, 18 May 1999 09:13:33 -0600 Reply-To: IETF-RUN Sender: IETF-RUN From: Barbara Jennings Subject: Re: draft-ietf-run-adverts-00.txt To: IETF-RUN@mailbag.cps.intel.com --------------D2C99678B9D0008DACDF1FA2 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi Ted, The other responses that I received were relating to US concentric (oops! - I will rewrite this paragraph) and from Maurizo in Italy with his country privacy contact. I tend to think that while including the local laws may be a bit of a burden to obtain, the information is quite necessary for sites to incorporate to the RFC. Additionally, while the law may change or be ammended, most times the title does not, ie U.S. Consititution. Thoughts? Barbara Gavin, Ted (COR-EX) wrote: > This is good material. But, I think we risk creating more burden in > including anything beyond a topical mention that there *are* local laws > regarding privacy. If we include countries, then as those laws are changed, > we face the burden of an undending chain of RFCs. > > Just my thoughts. > > tg > > > -----Original Message----- > > From: Barbara Jennings [SMTP:bjjenni@SANDIA.GOV] > > Sent: Monday, May 17, 1999 2:07 PM > > To: IETF-RUN@MAILBAG.INTEL.COM > > Subject: draft-ietf-run-adverts-00.txt > > > > Strawman section on Privacy. Comments welcome. > > > > -- Barbara > > > > > > Why Web Privacy? > > > > > > Directories, lists, or other collection sources of personal data are the > > current > > informational 'gold rush' for marketing in the United States. The U.S. > > Constitution > > contains no explicit guarantee of personal privacy. Such a right, under > > current > > legislation stands little chance against electronic technologies. The > > American public > > has expressed concern regarding intrusion into their personal privacy. > > Still the collection and sale of such information abounds. > > > > > > Self regulation by businesses utilitizing the Internet is the first choice > > of legislators, > > commercial websites and Internet aficionados. However, the profits to be > > made > > by selling personal information, and by using these lists for > > advertisement purposes > > often disuades self regulation. > > > > > > Senator Patrick Leahy, Ranking Minority member of the Senate Judiciary > > Committee states very succintly, why we should consider Internet Privacy. > > "Good > > privacy policies make good business policies. New technologies bring with > > them new > > opportunities, both for the businesses that develop and market them, and > > for consumers. > > It does not do anyone any good for consumers to hesitate to use any > > particular > > technology because they have concerns over privacy. That is why I believe > > that good > > privacy policies make good business policies." > > > > > > The Center for Democracy and Technology suggests 5 conditions that sites > > should follow tobe considerate of individuals rights to privacy: > > > > > > Notice of data collection > > Choice to opt out > > Access to data to rectify errors > > Adequate security of information database > > Access to contact persons at website > > > > > > Notice the practice of data collection authorization can be accomplished > > in > > something as simple as an automated response. This will help assure your > > customers that you are a business of integrity. > > > > > > An additional consideration that must be made is for those businesses that > > intend to > > pursue international trade with foreign countries. The European > > Communities have legislation for the flow of personal information. If > > your are inteseted in doing business > > across borders and particulary if you intend to share custotmer > > information, you will need > > to be able to guarantee the same privacy considerations as your foreign > > counterpart. > > > > > > Other countries and their legislation is shown below: > > > > > > Germany BundesDatenSchutzGesetz (BDSG) > > France Commision Nationale de l'informatique et de > > libertes (CNIL) > > UK Data Protection Act (DPA) > > Netherlands Wet PersoonsRegistraties (WPR) > > Australia Privacy Act 1998 (OECD DAta Protection > > Guidelines) > > Canada The Personal Information Protection and > > Electronic > > Documents Act > > -- > > > > Barbara Jennings > > Sandia National Laboratories > > P.O. Box 5800 M/S 0807 > > Albuquerque, New Mexico 87185 > > (505)845-8554 FAX (505)844-2067 > > bjjenni@sandia.gov > > ============================================================= > > > > "Life is to be spent not saved." > > > > D.H. Laurence > > -- Barbara Jennings Sandia National Laboratories P.O. Box 5800 M/S 0807 Albuquerque, New Mexico 87185 (505)845-8554 FAX (505)844-2067 bjjenni@sandia.gov ============================================================= "Life is to be spent not saved." D.H. Laurence --------------D2C99678B9D0008DACDF1FA2 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Hi Ted,
 
  The other responses that I received were relating to US concentric
(oops! - I will rewrite this paragraph) and from Maurizo in Italy with
his country privacy contact.

  I tend to think that while including the local laws may be a bit of a
burden to obtain,  the information is quite necessary for sites to incorporate
to the RFC.  Additionally, while the law may change or be ammended, most
times the title does not, ie U.S. Consititution.

 Thoughts?

Barbara
 
Gavin, Ted (COR-EX) wrote:

This is good material. But, I think we risk creating more burden in
including anything beyond a topical mention that there *are* local laws
regarding privacy. If we include countries, then as those laws are changed,
we face the burden of an undending chain of RFCs.

Just my thoughts.

tg

> -----Original Message-----
> From: Barbara Jennings [SMTP:bjjenni@SANDIA.GOV]
> Sent: Monday, May 17, 1999 2:07 PM
> To:   IETF-RUN@MAILBAG.INTEL.COM
> Subject:      draft-ietf-run-adverts-00.txt
>
> Strawman section on Privacy.  Comments welcome.
>
>   -- Barbara
>
>
> Why Web Privacy?
>
>
> Directories, lists, or other collection sources of  personal data are the
> current
> informational 'gold rush' for marketing in the United States.  The U.S.
> Constitution
> contains no explicit guarantee of personal privacy.  Such a right, under
> current
> legislation stands little chance against electronic technologies. The
> American public
> has expressed concern regarding intrusion into their personal privacy.
> Still the collection and sale of such information abounds.
>
>
> Self regulation by businesses utilitizing the Internet is the first choice
> of legislators,
> commercial websites and Internet aficionados.  However, the profits to be
> made
> by selling personal information, and by using these lists for
> advertisement purposes
> often disuades self regulation.
>
>
> Senator Patrick Leahy, Ranking Minority member of the Senate Judiciary
> Committee states very succintly, why we should consider Internet Privacy.
> "Good
> privacy policies make good business policies. New technologies bring with
> them new
> opportunities, both for the businesses that develop and market them, and
> for consumers.
> It does not do anyone any good for consumers to hesitate to use any
> particular
> technology because they have concerns over privacy. That is why I believe
> that good
> privacy policies make good business policies."
>
>
> The Center for Democracy and Technology suggests 5 conditions that sites
> should follow tobe considerate of individuals rights to privacy:
>
>
>         Notice of data collection
>         Choice to opt out
>         Access to data to rectify errors
>         Adequate security of information database
>         Access to contact persons at website
>
>
> Notice the practice of data collection authorization can be accomplished
> in
> something as simple as an automated response.  This will help assure your
> customers that you are a business of integrity.
>
>
> An additional consideration that must be made is for those businesses that
> intend to
> pursue international trade with foreign countries.  The European
> Communities have legislation for the flow of personal information.  If
> your are inteseted in doing business
> across borders and particulary if you intend to share custotmer
> information, you will need
> to be able to guarantee the same privacy considerations as your foreign
> counterpart.
>
>
> Other countries and their legislation is shown below:
>
>
>         Germany          BundesDatenSchutzGesetz  (BDSG)
>         France              Commision Nationale de l'informatique et de
>                                       libertes  (CNIL)
>         UK                       Data Protection Act (DPA)
>         Netherlands     Wet PersoonsRegistraties (WPR)
>         Australia            Privacy Act 1998 (OECD DAta Protection
>                                        Guidelines)
>         Canada            The Personal Information Protection and
> Electronic
>                                        Documents Act
> --
>
> Barbara Jennings
> Sandia National Laboratories
> P.O. Box 5800 M/S 0807
> Albuquerque, New Mexico  87185
> (505)845-8554 FAX (505)844-2067
> bjjenni@sandia.gov
> =============================================================
>
> "Life is to be spent not saved."
>
>   D.H. Laurence
>

  
-- 

Barbara Jennings
Sandia National Laboratories
P.O. Box 5800 M/S 0807
Albuquerque, New Mexico  87185
(505)845-8554 FAX (505)844-2067
bjjenni@sandia.gov
=============================================================

"Life is to be spent not saved."

  D.H. Laurence
  --------------D2C99678B9D0008DACDF1FA2--