Sam, Paul,
I did not mean to misrepresent your positions. I honestly understood
them to be as I stated, but I was wrong. My apologies for that.
And yes, I agree with Paul that privacy policies are generally not
worth all that much -- indeed, my organization (as well as, for
example, the U.S. Federal Trade Commission and others) argue that we
need stronger laws/regulations in the U.S. because of the failure of
the privacy policy approach. We want data collectors to be much more
responsible (legally and otherwise) on privacy. But privacy policies
reflect the barest minimum that any responsible organization should do.
It is depressing, at least to me, that the dominant argument on this
issue on this list - expressed by respected community members - is
that the IETF should not expend the cycles to do even this barest
minimum.
John
On Jul 7, 2010, at 5:58 PM, Sam Hartman wrote:
"John" == John Morris <jmorris-lists(_at_)cdt(_dot_)org> writes:
John> Paul, Sam, I understand your arguments to bascially be "we've
John> never had an internal privacy problem here at the IETF, and
as
John> far as I know no one decides not to participate because of
the
John> lack of a privacy policy, so we have no need to follow basic
John> standards of privacy hygiene."
This is not an accurate characterization of my argument.
I substantially agree with Paul's message in response.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf