|
This document proposes to serve as the IETF's privacy policy. This policy applies to data collected in conjunction with IETF activities and on public IETF-related web sites.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
This Internet-Draft will expire on January 6, 2011.
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
In keeping with the goals and objectives of this standards body, the IETF is committed to the highest degree of respect for the privacy of IETF participants and site visitors. This policy applies to data collected in conjunction with IETF activities, whether online or in person, and on public web sites hosted on ietf.org, iab.org, rfc-editor.org, and irtf.org (known hereafter as "IETF-related web sites"). This policy explains how the IETF applies the Fair Information Practices -- a widely accepted set of privacy principles [1] (Organization for Economic Cooperation and Development, “OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data,” 1980.) -- to the data we obtain. The Fair Information Practices may be briefly summarized as follows:
[Note 1: This document is meant to be a strawman proposal for a public-facing privacy policy that any visitor to IETF-related web sites can read and understand. Issues specific to WG chairs and I* members are therefore left out. This also means that the document is not written as a compliance document for the chair/I* audience -- it does not prescribe what they should or should not do with IETF participants' data, but rather informs participants about what the IETF does with their data.]
[Note 2: It is unlikely that the RFC model is the best model for maintaining and updating a document like this. It is more likely to fall within the scope of the IAOC and/or the Trust. While this is being sorted out, the term "we" as used in this document should be understood to encompass all IETF bodies/persons that handle participants' and site visitors' data, including the secretariat, the IAD, the IAOC, and the management of the IETF Tools. An explanation of who "we" are should be added once the document has a proper home within the IETF organizational structure.]
You can choose to share information with the IETF in a number of ways, as explained below. All of this information is stored within the United States unless otherwise noted.
Searching on IETF-related web sites:
The search terms you enter on IETF-related web sites are used only to provide you with search results.
Making an IETF Contribution:
As defined in [2] (Bradner, S., “Intellectual Property Rights in IETF Technology,” March 2005.), an "IETF Contribution" is any submission to the IETF intended by the contributor for publication as all or part of an Internet-Draft or RFC (with limited exceptions) and any statement made within the context of an IETF activity. Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place which are addressed to the IETF. All IETF Contributions are public information that may be indefinitely retained and posted publicly.
Signing up for a mailing list:
When you sign up for an IETF mailing list, you must provide an email address, and you may optionally provide your name and a password. We use this information only to deliver list mail to you and to administer the mailing lists. The membership list of most IETF mailing lists is available to members of those lists -- in other words, if you are subscribed to a list, you can determine who else is subscribed as well (although this is not possible for certain lists, such as ietf@ietf.org).
Sending email to a mailing list:
Emails sent to IETF mailing lists are considered to be IETF Contributions, as described above. Email messages that you send may contain information about your computer, including your IP address and the type of email program that you use. This and all email message information is public information that may be archived or replicated by anyone.
Registering to attend a meeting or social event:
When you register to attend an IETF meeting or social event, we ask you for certain information about yourself, commonly including your name, affiliation, address, email address, phone number, t-shirt size, dietary restrictions, profile URL, and credit card information. We use this information to register you and to process your payment. We disclose your payment information to our payment processor, Authorize.net. Otherwise, registration information is only disclosed in the aggregate, to the meeting host or social event coordinator, for example. Some registration information may be transferred to the location of the meeting or event to which you registered (to provide you with a name badge, for example).
Requesting a letter of invitation:
If you require a letter of invitation in order to obtain a visa or other travel document to attend an IETF meeting, you can apply for a letter through the IETF web site. To apply you must provide your name, address, email, phone number, nationality, date of birth, and passport number and expiration date. This information is used to generate a letter of invitation that is personalized to you.
Attending a meeting:
When you attend a working group session at an IETF meeting, you are required to provide your name and email address on a form known as a "blue sheet" (which often but not always is blue). The blue sheets serve as the official attendance record for working group sessions, and such records are required by the IETF Working Group Guidelines and Procedures [3] (Bradner, S., “IETF Working Group Guidelines and Procedures,” September 1998.) in support of an open Internet standards process. To the extent that [3] (Bradner, S., “IETF Working Group Guidelines and Procedures,” September 1998.) is revised to require practices in conflict with this privacy policy, this policy must be revised at the same time as [3] (Bradner, S., “IETF Working Group Guidelines and Procedures,” September 1998.).
Participating in meeting experiments:
We may from time to time experiment with new ways of collecting attendance information (such as the RFID experiment conducted at IETF 76 [4] (Internet Engineering Task Force, “RFID Tagging Experiment at IETF 76,” 2009.)). The policies surrounding the data collection and use involved in these experiments will always be announced well in advance and linked from this policy.
Submitting or updating an Intellectual Property Rights (IPR) disclosure:
When you submit or update an IPR disclosure (per [2] (Bradner, S., “Intellectual Property Rights in IETF Technology,” March 2005.)), we ask you for certain information about yourself, including your name, address, telephone number, and email address. We use this information only as described in [2] (Bradner, S., “Intellectual Property Rights in IETF Technology,” March 2005.) to handle IPR issues.
Using IETF tools:
The IETF hosts a number of tools [5] (Internet Engineering Task Force, “IETF Tools,” 2009.) on its Tools site. The wiki and tracker tools allow you to upload content and tracker tickets to individual working group pages. These tools require you to create a user account by providing your email address and a password. Other tools, including rfcdiff, idnits, and idspell, take Internet-Drafts or potential Internet-Drafts as input. We use these inputs only for the purpose of providing the tools.
Working group chairs and members of the IESG, IAB, IAOC and other leadership bodies have many additional opportunities to share information with the IETF which are not covered by this policy.
Several different kinds of information are automatically shared with the IETF when you visit IETF-related web sites:
This individualized, non-aggregated data is stored in the United States in log files. These log files are retained for 1-3 months on average (the exact retention period depends on the size of each log file, which will vary with each IETF web site). We may occasionally examine these individualized log files for troubleshooting and security purposes.
We use persistent cookies on www.ietf.org to record your preference about how you like to view the web site. These cookies are set to expire in the year 2036. We use session cookies on tools.ietf.org to manage users who log in to wiki pages.
We do not retain logs of any information collected when you access IETF materials via means other than the web (FTP or rsync, for example).
The IETF does not sell, rent, or exchange any information that we collect about our participants or site visitors. However, we will disclose information under the following circumstances:
All IETF Contributions are public information and are usually disclosed at the time the Contributions are made.
We may disclose to our payment processor (Authorize.net) the payment information you provide to us when you register to attend an IETF meeting in order to process your payment.
For all of the information we retain, we will comply with lawful requests from law enforcement and civil litigants that follow appropriate legal standards and procedures. We will object to disclosure requests that we believe are improper.
[Note: I have removed the language below about notification to participants affected by lawful process, but I think it is worth considering adopting it as IETF policy.
"If the law or a lawful order requires us to disclose information about your activities, we will (unless prohibited by law from doing so) attempt to contact you prior to such disclosure, and attempt to disclose to you the fact that we have submitted information to legal authorities or civil litigants (including disclosing which information we have submitted)."]
All log files of automatically collected data about our site visitors are deleted every 1-3 months on average. Aggregated data about visitors to our web site which cannot be linked back to individual visitors may be retained permanently. Some of this data is viewable at [6] (Internet Engineering Task Force, “Usage Statistics for www6.ietf.org,” 2010.).
Meeting registration information other than credit card information is permanently retained (including cancelled registrations). Credit card processing records are retained for 18 months.
Letter of invitation information, including passport and date of birth information, is permanently retained.
Blue sheets and IPR Disclosures are permanently retained.
IETF Tools inputs are retained for 1 month on average (the exact retention period depends on the size of the log file for each tools site).
More information about IETF data retention policies can be found in the IETF Trust Records Retention Policy [7] (IETF Trust, “IETF Trust Records Retention and Management Policy,” 2007.).
We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. When we transmit sensitive information (such as credit card numbers), we protect it through the use of the encrypted Secure Socket Layer (SSL) protocol, and you may access all IETF websites using SSL whenever desired.
When signing up for an IETF mailing list, you may optionally provide a password. You will receive monthly reminders about your mailing list subscriptions, and these reminders may contain your list passwords. Because these emails are sent unencrypted, there is a risk that your passwords may be intercepted by third parties. Because of this, you should not use the same password for an IETF mailing list that you use for any other secure transactions (such as for your banking web site or email login).
[Note: This section still needs more information about access control and encryption practices for data that gets stored.]
If we make substantial changes to this privacy policy, we will post a prominent notification on www.ietf.org and we will send a notice to the IETF-Announce mailing list about the changes. You can sign up for that mailing list and view its archives at [8] (Internet Engineering Task Force, “IETF-Announce Info Page,” .).
Feel free to contact us at [insert appropriate email address] to ask us to disclose to you any information we have about you. You have the right to correct, update, or delete information that we may have about you, except to the extent that such alteration or deletion would be contrary to the purpose and terms of [2] (Bradner, S., “Intellectual Property Rights in IETF Technology,” March 2005.) or [3] (Bradner, S., “IETF Working Group Guidelines and Procedures,” September 1998.).
If you have any concerns about this policy, please contact [insert appropriate email address].
[Note 3: This is derived from CDT's privacy policy and is offered as an example of a policy that the IETF could have.]
This document makes no request of IANA.
I would like to thank Fred Baker, John Morris, Martin Thomson, Henk Uljerwaal, Tim Polk, Rich Kulawiec and the IAOC for their reviews of this document. Glen Barney also provided invaluable insights.
[1] | Organization for Economic Cooperation and Development, “OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data,” http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html, 1980. |
[2] | Bradner, S., “Intellectual Property Rights in IETF Technology,” BCP 79, RFC 3979, March 2005 (TXT). |
[3] | Bradner, S., “IETF Working Group Guidelines and Procedures,” BCP 25, RFC 2418, September 1998 (TXT, HTML, XML). |
[4] | Internet Engineering Task Force, “RFID Tagging Experiment at IETF 76,” http://www.ietf.org/EbluesheetInformation.html, 2009. |
[5] | Internet Engineering Task Force, “IETF Tools,” http://tools.ietf.org/tools/, 2009. |
[6] | Internet Engineering Task Force, “Usage Statistics for www6.ietf.org,” http://www.ietf.org/usagedata/, 2010. |
[7] | IETF Trust, “IETF Trust Records Retention and Management Policy,” http://trustee.ietf.org/docs/IETF_Trust_Records_Retention_Policy_(Complete_Final).pdf, 2007. |
[8] | Internet Engineering Task Force, “IETF-Announce Info Page,” https://www.ietf.org/mailman/listinfo/IETF-Announce. |
Alissa Cooper | |
Center for Democracy & Technology | |
1634 I Street NW, Suite 1100 | |
Washington, DC | |
USA | |
Email: | acooper@cdt.org |