idnits 2.17.1

draft-moonesamy-privacy-identifiers-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (September 14, 2013) is 3877 days in the past. Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Unused Reference: 'ARTDP' is defined on line 211, but no explicit
     reference was found in the text

  == Unused Reference: 'EUD' is defined on line 217, but no explicit
     reference was found in the text

  == Unused Reference: 'NIST' is defined on line 233, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6973' is defined on line 254, but no explicit
     reference was found in the text

  == Unused Reference: 'USDC' is defined on line 259, but no explicit
     reference was found in the text

     Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    Individual Submission                                       S. Moonesamy
3    Internet-Draft
4    Intended status: Informational                        September 14, 2013
5    Expires: March 18, 2014

7                             Privacy and Identifiers
8                     draft-moonesamy-privacy-identifiers-01

10   Abstract

12      The Internet provides the ability for information to be spread beyond
13      geographical boundaries at the speed of light. Once information is
14      available over the Internet it leaves the private realm. If the
15      information can be used to identify a person it can affect the
16      privacy of the individual. There are cases when it can increase the
17      physical risk to the individual or where it can have a negative
18      financial impact. Some types of information can be an embarrassment
19      to an individual and negatively affect the person's reputation.

21      This document discusses identifiers in the context of privacy.

23   Status of This Memo

25      This Internet-Draft is submitted in full conformance with the
26      provisions of BCP 78 and BCP 79.

28      Internet-Drafts are working documents of the Internet Engineering
29      Task Force (IETF). Note that other groups may also distribute
30      working documents as Internet-Drafts. The list of current Internet-
31      Drafts is at http://datatracker.ietf.org/drafts/current/.

33      Internet-Drafts are draft documents valid for a maximum of six months
34      and may be updated, replaced, or obsoleted by other documents at any
35      time. It is inappropriate to use Internet-Drafts as reference
36      material or to cite them other than as "work in progress."

38      This Internet-Draft will expire on March 18, 2014.

40   Copyright Notice

42      Copyright (c) 2013 IETF Trust and the persons identified as the
43      document authors. All rights reserved.

45      This document is subject to BCP 78 and the IETF Trust's Legal
46      Provisions Relating to IETF Documents
47      (http://trustee.ietf.org/license-info) in effect on the date of
48      publication of this document. Please review these documents
49      carefully, as they describe your rights and restrictions with respect
50      to this document. Code Components extracted from this document must
51      include Simplified BSD License text as described in Section 4.e of
52      the Trust Legal Provisions and are provided without warranty as
53      described in the Simplified BSD License.

55   Table of Contents

57      1.  Background
58      2.  Introduction
59        2.1.  Note
60      3.  Link Layer Identifiers
61      4.  Internet Identifiers
62        4.1.  IP address
63        4.2.  Email address
64      5.  Session Identifiers
65      6.  The right amount of information
66      7.  Security Considerations
67      8.  Recommendations
68      9.  IANA Considerations
69      10. Informative References
70      Author's Address

72   1.  Background

74      In 1657 the General Post Office was set up in England, Scotland and
75      Ireland [Ord1]. One of the secondary purposes was "to discover and
76      prevent many dangerous, and wicked designs". In 1844 there was a
77      political row after it was discovered that the Post Office was
78      intercepting letters.

80      In 1881 French law about the freedom of the press [Leg1] offered
81      protection for facts about an individual's private life by giving the
82      individual the ability to seek redress by legal means if these facts
83      were published by the press. In 1890 [Leg2] it was mentioned that
84      recent inventions and business methods call attention to the next
85      step which must be taken for the protection of the person, and for
86      securing the individual.

88      In 1948 the Universal Declaration of Human Rights [Leg3] stated that "No
89      one shall be subjected to arbitrary interference with his privacy,
90      family, home or correspondence, nor to attacks upon his honour and
91      reputation. Everyone has the right to the protection of the law
92      against such interference or attacks".

94      In 2000 the IETF published a policy on wiretapping [RFC2804]. One of
95      the observations was that "experience shows that tools designed for
96      one purpose that are effective for another tend to be used for that
97      other purpose too, no matter what its designers intended".

99   2.  Introduction

101     The Internet provides the ability for information to be spread beyond
102     geographical boundaries at the speed of light. Once information is
103     available over the Internet it leaves the private realm. Although
104     there is the ability to seek redress by legal means if information
105     about an individual's private life is being distributed publicly over
106     the Internet, it can be an impossible task when multiple jurisdictions
107     are involved. In essence, the information cannot be contained once
108     it leaves the private realm.

110     If the information shared can be used to identify a person it can
111     affect the privacy of the individual. There are cases when it can
112     increase the physical risk to the individual or where it can have a
113     negative financial impact. Some types of information can be an
114     embarrassment to an individual and negatively affect the person's
115     reputation.

117     This document discusses identifiers in the context of privacy.

119  2.1.  Note

121     This Internet-Draft can be discussed on the ietf-privacy@ietf.org
122     mailing list. [RFC-Editor: please remove this paragraph]

124  3.  Link Layer Identifiers

126     A link layer identifier, such as a MAC address, is used to identify a
127     physical device. A link layer identifier, in contrast with
128     identifiers used at other layers, is considered as a physical
129     identifier as it is embedded in the device.

131  4.  Internet Identifiers

133  4.1.  IP address

135     An Internet Identifier known as an IP address indicates where it is
136     [RFC0791].

138  4.2.  Email address

139     An email address is a character string that identifies a user to whom
140     mail will be sent or a location into which mail will be deposited
141     [RFC5321].

143  5.  Session Identifiers

145     A Session Identifier uniquely identifies a communication session.
146     For example, a cookie [RFC6265] is a session identifier used by HTTP
147     servers to store state. The HTTP server can send the user agent a
148     cookie. The user agent returns that cookie in subsequent requests.
149     There are two types of cookies, session cookies and persistent
150     cookies. A session cookie is destroyed when the user agent is
151     closed. A persistent cookie is preserved across multiple sessions
152     and is only destroyed once it reaches its expiration date.

154  6.  The right amount of information

156     When a person explicitly addresses the remote end at the IP layer the
157     person consents to the transmission of the IP address assigned to
158     the local end. The IP addresses of the two end-hosts are necessary for
159     IP-layer communication to be possible. When a person sends an email
160     the person consents to the transmission of an email address. The
161     email address is necessary for the recipient of the email to be able
162     to reply to it.

164     As a short-lived mechanism to store state it can be argued that a
165     session identifier such as a session cookie is necessary to provide
166     the functionality for a communication session. There may be valid
167     reasons for having a persistent cookie, for example, to store the
168     preferences of the individual. A persistent cookie can also be used
169     to track a person's usage of a service. If the intention of the
170     person is not clear, he/she may have to be asked for consent.

172     In an all-or-nothing proposition a person is faced with the
173     inevitable choice of sharing information to be able to communicate.
174     The interests and motivation of the two ends (e.g. the entity
175     providing a service at one end and the person using the service at
176     the other end) are not aligned. It is difficult for the average
177     person to take an informed decision about the amount of personal data
178     that needs to be shared. There is an implicit assumption that the
179     underlying protocols are transmitting the right amount of information
180     needed for the protocols to work. There is a reasonable expectation
181     that the person will be provided with a cautionary notice to which
182     he/she must consent if the information being disclosed may adversely
183     affect the person.

185  7.  Security Considerations

186     It is a myth that people become anonymous when they are in a crowd.
187     Naive users view the Internet as a place where they are anonymous and
188     by extension, incorrectly assume they should not be concerned about
189     their privacy.

191     Privacy policies usually end up as disclaimers of liability instead
192     of policies aimed at protecting privacy.

194  8.  Recommendations

196     It is recommended that an identifier be used at the layer at which
197     its functionality is necessary for communication to be
198     established.

200     It is recommended not to transmit link layer identifiers over the
201     Internet.

203  9.  IANA Considerations

205     This document does not request any action from IANA.

207     [RFC-Editor: please remove this paragraph]

209  10.  Informative References

211     [ARTDP]    European Union, "Opinion 2/2008 on the review of the
212                Directive 2002/58/EC on privacy and electronic
213                communications (ePrivacy Directive)".

217     [EUD]      European Union, "Directive EU 95/46/EC of the European
218                Parliament and the Council".

222     [Leg1]     France, "Loi du 29 juillet 1881 sur la liberte de la
223                presse", 1881.

227     [Leg2]     Harvard Law Review, "The right to privacy".

230     [Leg3]     United Nations, "The universal declaration of human
231                rights".

233     [NIST]     NIST, "Guide to Protecting the Confidentiality of
234                Personally Identifiable Information (PII)".

238     [Ord1]     United Kingdom, "An Act for setling the Postage of
239                England, Scotland and Ireland", June 1657.

242     [RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September
243                1981.

245     [RFC2804]  IAB IESG, "IETF Policy on Wiretapping", RFC 2804, May
246                2000.

248     [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
249                October 2008.

251     [RFC6265]  Barth, A., "HTTP State Management Mechanism", RFC 6265,
252                April 2011.

254     [RFC6973]  Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
255                Morris, J., Hansen, M., and R. Smith, "Privacy
256                Considerations for Internet Protocols", RFC 6973, July
257                2013.

259     [USDC]     United States District Court Western District of
260                Washington, "Johnson et al. v. Microsoft, Case No.
261                C06-0900RAJ".

263  Author's Address

265     S. Moonesamy
266     76, Ylang Ylang Avenue
267     Quatre Bornes
268     Mauritius

270     Email: sm+ietf@elandsys.com