IETF A. Cooper Internet-Draft Center for Democracy & Intended status: Informational Technology Expires: August 17, 2010 February 13, 2010 IETF Privacy Policy draft-cooper-privacy-policy-00 Abstract This document proposes to serve as the IETF's privacy policy. This policy applies to data collected in conjunction with IETF activities and on public IETF-related web sites. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 17, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect Cooper Expires August 17, 2010 [Page 1] Internet-Draft IETF Privacy Policy February 2010 to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. 1. Introduction In keeping with the goals and objectives of this standards body, the IETF is committed to the highest degree of respect for the privacy of IETF participants and site visitors. This policy applies to data collected in conjunction with IETF activities, whether online or in person, and on public web sites hosted on ietf.org, iab.org, iesg.org, rfc-editor.org, and irtf.org (known hereafter as "IETF- related web sites"). This policy explains how the IETF applies the Fair Information Practices -- a widely accepted set of privacy principles [1] -- to the data we collect. [Note: This document is meant to be a strawman proposal for a public- facing privacy policy that any visitor to IETF-related web sites can read and understand. The policies described are a combination of observations about the data the IETF collects, language from the ISOC privacy policy, and examples of good policies from other organizations. The document was drafted without direct knowledge of the server log practices on ietf.org and the other domains, but instead based on common web server practices. The text of this document should be modified to reflect actual IETF practices should they differ from common practices. The hope is that this document will generate discussion within the community and attention from those who know more about what the IETF's privacy practices actually are. It is not clear that the RFC model is the best model for a document like this, but hopefully by starting this way we can generate a good discussion.] 2. Information that is automatically collected on IETF-related web sites Several different kinds of information are automatically collected when you visit IETF-related web sites: o Internet Protocol (IP) address: The address of your computer on the Internet. Your IP address gets transmitted whenever you communicate online or visit web sites so that the content you are accessing can be delivered to you. Cooper Expires August 17, 2010 [Page 2] Internet-Draft IETF Privacy Policy February 2010 o Browser type and operating system: The name and version number of your web browser (for example, Internet Explorer 7 or Firefox 3.5.3) and operating system (for example, Windows XP or Mac OS X). o Cookie: A piece of information that your browser can record after visiting a web site. We use cookies on www.ietf.org, tools.ietf.org, and [fill in other subdomains as appropriate]. o URL of the page that directed you to our site: If you arrive at an IETF-related web site through a link on another web site -- a search engine or a blog, for example -- our web servers will record the address of the web page that referred you to our site. If you arrive at our web site by clicking on a search result returned by a search engine, our servers may (depending on the search engine) record the search terms that you used. o Whether you have bookmarked our web site(s) on your web browser. This information is only reported for Internet Explorer users. [Note: This is true for other organizations' privacy policies, but not sure if it belongs here.] o The web page(s) within our site(s) that you visit, the web page you visit first on one of our sites (the entry page), and the web page you visit last on one of our sites (the exit page) o Bandwidth used: The total number of bytes downloaded when you browse one of our sites o Amount of time you spend during a visit to one of our sites o Time and date of your site visit [Note: Is the list above correct? What else gets collected automatically?] This individualized, non-aggregated data is stored in log files that we will delete every [X] days. We may occasionally examine these individualized log files for troubleshooting and security purposes. [Note: Is this true? What else is done with this data?] We use persistent cookies on www.ietf.org to record your preference about how you like to view the web site. These cookies have a [fill in expiration period] lifetime. We use persistent cookies on tools.ietf.org for [fill in purposes]. These cookies have a [fill in expiration period] lifetime. Cooper Expires August 17, 2010 [Page 3] Internet-Draft IETF Privacy Policy February 2010 3. Information you can choose to share with the IETF You can choose to share information with the IETF in a number of ways: Searching on IETF-related web sites: The search terms you enter on IETF-related web sites are used only to provide you with search results. Making an IETF Contribution: As defined in [2], an "IETF Contribution" is any submission to the IETF intended by the contributor for publication as all or part of an Internet-Draft or RFC (with limited exceptions) and any statement made within the context of an IETF activity. Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place which are addressed to the IETF. All IETF Contributions are public information that we may indefinitely retain and post publicly. Signing up for a mailing list: When you sign up for an IETF mailing list, you must provide an email address, and you may optionally provide your name and a password. We use this information only to deliver list mail to you and to administer the mailing lists. Registering to attend a meeting or social event: When you register to attend an IETF meeting or an IETF social event, we ask you for certain information about yourself, commonly including your name, affiliation, address, email address, phone number, t-shirt size, dietary restrictions, profile URL, and credit card information. We use this information to register you for the meeting and to process your payment. [Note: What else is this information used for? With whom is it shared? Is it appropriate to include the social event registration in this item, or is that information sometimes collected and processed by the sponsor?] Attending a meeting: When you attend a working group session at an IETF meeting, you are required to provide your name and email address on a form known as a "blue sheet" (which often but not always is blue). The blue sheets serve as the official attendance record for working group sessions, and such records are required by [3] in support of an open Internet standards process. To the extent [3] is revised to require practices in conflict with this privacy policy, this policy must be revised at the same time as [3]. We may also from time to time experiment with other ways of collecting attendance information (such as the RFID experiment conducted at IETF 76 [4]). The policies surrounding the data collection and use involved in these experiments will always be Cooper Expires August 17, 2010 [Page 4] Internet-Draft IETF Privacy Policy February 2010 announced well in advance and linked from this policy. Submitting or updating an Intellectual Property Rights (IPR) disclosure: When you submit or update an IPR disclosure (per [2]), we ask you for certain information about yourself, including your name, address, telephone number, and email address. We use this information only as described in [2] to handle IPR issues. Using IETF tools: The IETF hosts several tools [5] on its web site -- including rfcdiff, idnits, and idspell -- that take Internet-Drafts or potential Internet-Drafts as input. We use these inputs only for the purpose of providing the tools. [Note: What is missing from this list?] Working group chairs, IESG members, and IAB members have many additional opportunities to share information with the IETF which are not covered by this policy. [Note: Should those be documented here and covered by this policy? Or should they be documented elsewhere and linked from here?] 4. Data disclosure The IETF does not sell, rent, or exchange any information that we collect about our participants or site visitors. However, we will disclose information under the following circumstances: All IETF Contributions are public information and are usually disclosed at the time the Contributions are made. We may disclose to our payment processor [Note: Who is this?] the payment information you provide to us when you register to attend an IETF meeting in order to process your payment. For all of the information we retain, we will comply with lawful requests from law enforcement and civil litigants that follow appropriate legal standards and procedures. If the law or a lawful order requires us to disclose information about your activities, we will (unless prohibited by law from doing so) attempt to contact you prior to such disclosure, and attempt to disclose to you the fact that we have submitted information to legal authorities or civil litigants (including disclosing which information we have submitted). We will object to disclosure requests that we believe are improper. Cooper Expires August 17, 2010 [Page 5] Internet-Draft IETF Privacy Policy February 2010 5. Data retention All log files of automatically collected data about our site visitors are deleted every [X] days. [Note: Some information about log file back-ups and the retention of search terms should be inserted here.] Aggregated data about visitors to our web site which cannot be linked back to individual visitors may be retained permanently. Meeting registration information other than credit card information is permanently retained. Credit card processing records are retained for 18 months. [Note: This is how the policy appears based on the IETF Trust Records Retention and Management Policy.] Blue sheets are permanently retained. IPR Disclosures are permanently retained. IETF Tools inputs are [fill in the correct policy]. More information about IETF data retention policies can be found in the IETF Trust Records Retention Policy [6]. 6. Security Considerations Online transactions of a sensitive nature, such as those involving credit card numbers, are protected by secure browser connections. Our site supports the use of secure socket layer (SSL) encryption technology to encrypt your information prior to transmission over the Internet. [Note: This is derived from ISOC's policy. Does the IETF have the same policy? Is there more to say here?] 7. Changes to the privacy policy If we make substantial changes to this privacy policy, we will post a prominent notification on www.ietf.org and we will send a notice to the IETF-Announce mailing list about the changes. You can sign up for that mailing list at [7]. 8. Your privacy questions Feel free to contact us at [insert appropriate email address] to ask us to disclose to you any information we have about you. You have the right to correct, update, or delete information that we may have Cooper Expires August 17, 2010 [Page 6] Internet-Draft IETF Privacy Policy February 2010 about you, except to the extent that such alteration or deletion would be contrary to the purpose and terms of [2] or [3]. If you have any concerns about this policy, please contact [insert appropriate email address]. [Note: This is derived from CDT's privacy policy and is offered as an example of a policy that the IETF could have.] 9. IANA Considerations This document makes no request of IANA. 10. Acknowledgements I would like to thank Fred Baker and John Morris for their reviews of this document. 11. Informative References [1] Organization for Economic Cooperation and Development, "OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data", http://www.oecd.org/document/18/ 0,3343,en_2649_34255_1815186_1_1_1_1,00.html, 1980. [2] Bradner, S., "Intellectual Property Rights in IETF Technology", BCP 79, RFC 3979, March 2005. [3] Bradner, S., "IETF Working Group Guidelines and Procedures", BCP 25, RFC 2418, September 1998. [4] Internet Engineering Task Force, "RFID Tagging Experiment at IETF 76", http://www.ietf.org/EbluesheetInformation.html, 2009. [5] Internet Engineering Task Force, "IETF Tools", http://tools.ietf.org/tools/, 2009. [6] IETF Trust, "IETF Trust Records Retention and Management Policy", http://trustee.ietf.org/docs/ IETF_Trust_Records_Retention_Policy_(Complete_Final).pdf, 2007. [7] Internet Engineering Task Force, "IETF-Announce Info Page", https://www.ietf.org/mailman/listinfo/IETF-Announce. Cooper Expires August 17, 2010 [Page 7] Internet-Draft IETF Privacy Policy February 2010 Author's Address Alissa Cooper Center for Democracy & Technology 1634 I Street NW, Suite 1100 Washington, DC USA Email: acooper@cdt.org Cooper Expires August 17, 2010 [Page 8]