Internet DRAFT - draft-moonesamy-privacy-identifiers
Individual Submission S. Moonesamy
Internet-Draft
Intended status: Informational September 14, 2013
Expires: March 18, 2014
Privacy and Identifiers
draft-moonesamy-privacy-identifiers-01
Abstract
The Internet provides the ability for information to be spread beyond
geographical boundaries at the speed of light. Once information is
available over the Internet it leaves the private realm. If the
information can be used to identify a person it can affect the
privacy of the individual. There are cases when it can increase the
physical risk to the individual or where it can have a negative
financial impact. Some types of information can be an embarrassment
to an individual and negatively affect the person's reputation.
This document discusses identifiers in the context of privacy.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 18, 2014.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Moonesamy Expires March 18, 2014 [Page 1]
Internet-Draft Privacy and Identifiers September 2013
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Background
2. Introduction
2.1. Note
3. Link Layer Identifiers
4. Internet Identifiers
4.1. IP address
4.2. Email address
5. Session Identifiers
6. The right amount of information
7. Security Considerations
8. Recommendations
9. IANA Considerations
10. Informative References
Author's Address
1. Background
In 1657 the General Post Office was set up in England, Scotland and
Ireland [Ord1]. One of the secondary purposes was "to discover and
prevent many dangerous, and wicked designs". In 1844 there was a
political row after it was discovered that the Post Office was
intercepting letters.
In 1881 French law about the freedom of the press [Leg1] offered
protection for facts about an individual's private life by giving the
individual the ability to seek redress by legal means if these facts
were published by the press. In 1890 [Leg2] it was mentioned that
recent inventions and business methods call attention to the next
step which must be taken for the protection of the person, and for
securing the individual.
In 1948 the United Declaration of Human Rights [Leg3] stated that "No
one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law
against such interference or attacks".
In 2000 the IETF published a policy on wiretapping [RFC2804]. One of
the observations was that "experience shows that tools designed for
one purpose that are effective for another tend to be used for that
other purpose too, no matter what its designers intended".
2. Introduction
The Internet provides the ability for information to be spread beyond
geographical boundaries at the speed of light. Once information is
available over the Internet it leaves the private realm. Although
there is the ability to seek redress by legal means if information
about an individual's private life is being distributed publicly over
the Internet, it can be an impossible task when multiple jurisdictions
are involved. In essence, the information cannot be contained once
it leaves the private realm.
If the information shared can be used to identify a person it can
affect the privacy of the individual. There are cases when it can
increase the physical risk to the individual or where it can have a
negative financial impact. Some types of information can be an
embarrassment to an individual and negatively affect the person's
reputation.
This document discusses identifiers in the context of privacy.
2.1. Note
This Internet-Draft can be discussed on the ietf-privacy@ietf.org
mailing list. [RFC-Editor: please remove this paragraph]
3. Link Layer Identifiers
A link layer identifier, such as a MAC address, is used to identify a
physical device. A link layer identifier, in contrast with
identifiers used at other layers, is considered as a physical
identifier as it is embedded in the device.
4. Internet Identifiers
4.1. IP address
An Internet Identifier known as an IP address indicates where it is
[RFC0791].
4.2. Email address
An email address is a character string that identifies a user to whom
mail will be sent or a location into which mail will be deposited
[RFC5321].
5. Session Identifiers
A Session Identifier uniquely identifies a communication session.
For example, a cookie [RFC6265] is a session identifier used by HTTP
servers to store state. The HTTP server can send the user agent a
cookie. The user agent returns that cookie in subsequent requests.
There are two types of cookies, session cookies and persistent
cookies. A session cookie is destroyed when the user agent is
closed. A persistent cookie is preserved across multiple sessions
and is only destroyed once it reaches its expiration date.
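The distinction above can be checked directly on the Set-Cookie headers a server emits. The following is an added example, not part of the original draft: it classifies each header as a session or persistent cookie using the Max-Age and Expires attributes of [RFC6265]. The function names, the sample headers and the review threshold are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def classify_set_cookie(value, now):
    """Classify one Set-Cookie header value.

    Returns (name, kind, lifetime_seconds); kind is "session", "persistent"
    or "expired". Max-Age wins over Expires (RFC 6265, section 5.3).
    """
    fields = [f.strip() for f in value.split(";")]
    name = fields[0].split("=", 1)[0].strip()
    max_age = expires = None
    for field in fields[1:]:
        key, _, val = field.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "max-age" and re.fullmatch(r"-?\d+", val):
            max_age = int(val)          # malformed values are ignored
        elif key == "expires":
            try:
                when = parsedate_to_datetime(val)
            except (TypeError, ValueError):
                continue                # unparseable date: attribute ignored
            if when.tzinfo is None:
                when = when.replace(tzinfo=timezone.utc)
            expires = when
    if max_age is not None:
        lifetime = max_age
    elif expires is not None:
        lifetime = int((expires - now).total_seconds())
    else:
        return name, "session", None    # no lifetime attribute: session cookie
    return name, ("persistent" if lifetime > 0 else "expired"), max(lifetime, 0)

def long_lived(headers, now, limit_seconds):
    """Names of persistent cookies that outlive limit_seconds (hypothetical threshold)."""
    results = (classify_set_cookie(h, now) for h in headers)
    return [n for n, kind, life in results if kind == "persistent" and life > limit_seconds]

# Constructed sample headers, evaluated at a fixed constructed time.
NOW = datetime(2013, 9, 14, 12, 0, 0, tzinfo=timezone.utc)
SAMPLE = [
    "SID=31d4d96e407aad42; Path=/; Secure; HttpOnly",
    "lang=en-US; Path=/; Expires=Wed, 18 Sep 2013 12:00:00 GMT",
    "uid=7f3a; Max-Age=63072000; Expires=Sun, 15 Sep 2013 12:00:00 GMT",
    "old=; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
]
```

The third sample header shows why both attributes have to be read: its Expires value suggests a one-day cookie, but Max-Age takes precedence and keeps the identifier for two years.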
6. The right amount of information
When a person explicitly addresses the remote end at the IP layer the
person consents to the transmission of the IP address assigned to the
local end. The IP addresses of the two end-hosts are necessary for
IP-layer communication to be possible. When a person sends an email
the person consents to the transmission of an email address. The
email address is necessary for the recipient of the email to be able
to reply to it.
As a short-lived mechanism to store state it can be argued that a
session identifier such as a session cookie is necessary to provide
the functionality for a communication session. There may be valid
reasons for having a persistent cookie, for example, to store the
preferences of the individual. A persistent cookie can also be used
to track a person's usage of a service. If the intention of the
person is not clear, he/she may have to be asked for consent.
In an all-or-nothing proposition a person is faced with the
inevitable choice of sharing information to be able to communicate.
The interests and motivation of the two ends (e.g. the entity
providing a service at one end and the person using the service at
the other end) are not aligned. It is difficult for the average
person to take an informed decision about the amount of personal data
that needs to be shared. There is an implicit assumption that the
underlying protocols are transmitting the right amount of information
needed for the protocols to work. There is a reasonable expectation
that the person will be provided with a cautionary notice to which
he/she must consent if the information being disclosed may adversely
affect the person.
7. Security Considerations
It is a myth that people become anonymous when they are in a crowd.
Naive users view the Internet as a place where they are anonymous and
by extension, incorrectly assume they should not be concerned about
their privacy.
Privacy policies usually end up as disclaimers of liability instead
of policies aimed at protecting privacy.
8. Recommendations
It is recommended that an identifier be used at the layer at which
its functionality is necessary for communication to be
established.
It is recommended not to transmit link layer identifiers over the
Internet.
9. IANA Considerations
This document does not request any action from IANA.
[RFC-Editor: please remove this paragraph]
10. Informative References
[ARTDP] European Union, "Opinion 2/2008 on the review of the
Directive 2002/58/EC on privacy and electronic
communications (ePrivacy Directive)",
<http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2008/wp150_en.pdf>.
[EUD] European Union, "Directive EU 95/46/EC of the European
Parliament and the Council",
<http://ec.europa.eu/justice/policies/privacy/docs/95-46-ce/dir1995-46_part1_en.pdf>.
[Leg1] France, "Loi du 29 juillet 1881 sur la liberte de la
presse", 1881,
<http://www.legifrance.gouv.fr/affichTexte.do;jsessionid=5C23937E6B7BDEA19A5266987D1E7792.tpdjo15v_2?cidTexte=JORFTEXT000000877119&dateTexte=20101002>.
[Leg2] Harvard Law Review, "The right to privacy",
<http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm>.
[Leg3] United Nations, "The universal declaration of human
rights", <http://www.un.org/en/documents/udhr/>.
[NIST] NIST, "Guide to Protecting the Confidentiality of
Personally Identifiable Information (PII)",
<csrc.nist.gov/publications/nistpubs/800-122/sp800-122.pdf>.
[Ord1] United Kingdom, "An Act for setling the Postage of
England, Scotland and Ireland", June 1657,
<http://www.british-history.ac.uk/>.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September
1981.
[RFC2804] IAB IESG, "IETF Policy on Wiretapping", RFC 2804, May
2000.
[RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
October 2008.
[RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265,
April 2011.
[RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
Morris, J., Hansen, M., and R. Smith, "Privacy
Considerations for Internet Protocols", RFC 6973, July
2013.
[USDC] United States District Court Western District of
Washington, "Johnson et al. v. Microsoft, Case No.
C06-0900RAJ".
Author's Address
S. Moonesamy
76, Ylang Ylang Avenue
Quatre Bornes
Mauritius
Email: sm+ietf@elandsys.com