wg-privsec-2.2-tap TASK PROPOSAL  wg_privsec-2.2-tap.html

Task Proposal: Working group for Practical Application of Privacy and Security of Personal Information

Version 2.2
Submitted June 6 2000
ISSG Vote July 14 2000

Contact:
Jonathan Robin mailto:jrobin@isoc.org
Internet Society Liaison : Unesco & Non Governmental Organizations
69, Avenue Victor Hugo
75116 Paris France
+331 4501 5750

Proposing group:

Greg Adamson
Parry Aftab
David Ankri
Julian Ashbourne
John J. Brassil
Michael Burks
Laurent Caron
David Casacuberta
Vint Cerf
Artur Herrera Colmener
John Detwiler
Florence Domps
Ted Gavin
Per Arne Godejord
Arana Greenberg
Peter Harter
Don Heath
Laurence Hecht
Elmar Hilgers
Rob Horne
Jeremy Hunsinger
Christian Jacken
Hans Klein
Sam Kritikos
Chris Kwan
Sam Lanfranco
Christian de Larrinaga
Christine Maxwell
Wawa Ngenge
Adrian Norman
Mark Perkins
Stephanie Perrin
Dominic Pinto
P.J. Ponder
Costas Popotas
Raymond Pougheon
Stefan Probst
Alan Rea
Jonathan Robin
Kim Veltman
Cynthia Waddell
Ted Wolf jr
Alan Zausner
Chris Zielinski

Abstract:

This Working Group aims at encouraging world wide adoption of fair
practices in networked security and the protection of privacy of personal
information, and to work with all groups seeking legislative harmonization
between Online and Offline privacy practices. The PAPSPI Working Group
will seek to earn global recognition as an accepted reference on the
issues, policies, and practical applications of privacy and security as
they affect individuals, the public sector and the private sector.

PROPOSAL:

OBJECTIVES:

1) To document workable and practical policies relating to privacy and the
use of personal information both by the private sector and by the public sector.

2) To act in concert with other groups working on privacy, on security and
related issues when appropriate.

3) To develop or endorse practical and applicable guidelines on privacy,
on security, and related issues after due consultation with appropriate
groups.

4) To generate expertise ensuring nominative privacy protection and
adequate security for everybody in a context guaranteeing free access to
information.

5) That relevant information not only be made publicly and freely
available but that all steps be taken to ensure that such information be
actively relayed through ISOC Chapters, by linked associations, and
I.S.T.F. members, especially in their dealings with Governmental and Non
Governmental Organizations.

6) To work with appropriate actors of the Civil Society, the Private
Sector and the Public Sector, towards establishing acceptable levels of
legislative coherency in the area of privacy, information freedom, and
online commerce. Attention will be drawn to the need for intra-national
coherency between "online" and "offline" legislation.

Tasks:

1) To obtain approval to be an ISTF Working Group with appropriate
privileges and responsibilities
2) To write a rfc or whitepaper on "Practical Guidelines for the Use of
Personal Information on the Internet
3) To explore and to reach a generally accepted definition of the term
"nominative" in respect of privacy protection
4) To explore and explain the differences between IDENTIFICATION and
AUTHENTICATION so as to reach acceptable multicultural definitions of
these terms in a context protecting privacy on and off line without unduly
discouraging commerce, e-commerce and m-commerce, as they develop,
especially through an IPv6 environment and beyond.
5) To explore the role which could be assumed by the Internet Society or
by the Internet Societal Task Force, acting alone or in concertation with
others, as a recognized international Third Party Privacy Certification
Authority
6) To explore the role of biometric technologies and to ensure that any
implementation of such technologies be coherent with an adequate
protection of personal privacy
7) To explore other issues relating to the protection of privacy and of
free access to information and to act appropriately
8) To create a procedure allowing the ISTF to respond rapidly to
recognized denials of adequate privacy protection or access to
information, and to ensure that these procedures could be used, where
appropriate, to endorse statements or positions taken by associations with
which ISOC or the ISTF has signed a Memorandum of Understanding
9) To interface where mutually appropriate with relevant IETF groups
dealing with Security and with Responsible Use of the Network (RUN) and
User Service Groups and with the Security areas of those entities with
whom ISTF or ISOC has a working relationship. Where appropriate to
network between the former and the latter.
10) To explore and to reach a consensus definition of a minimum
acceptable level of security of data collected and stored while at the
same time ensuring the individual's right to access, and, unless
contrary to national legislation, - where that legislation itself is held
consistent with the Mission Statement of the Internet Society and the
principles upheld by the Internet Societal Task Force, - to rectify
nominative data held on himself and the conditions in which that data
can be released to third parties.

Special organization:

The working group believes that to function effectively, and to avoid
undue duplication of resources, especially in the area of Internet
Security, the group should where possible encourage a shared liaison
with the Security area of the IETF, and with other appropriate
organizations, sharing all information. Furthermore, taking account the
strategic importance accorded the issues of Privacy and Security by the
Internet Society, the working group Chairperson will be an Internet Society
member of at least 2 years standing.

Organization and Operation:

The Official Guidelines for ISTF working groups upon their ratification
or until then:

Decisions are made by majority consensus as determined by the Chairman.
Initial appointments will be by simple majority election.

Appointment review/reelection is by majority consensus, or a majority
vote of no confidence given to/monitored by the ISTF Steering Committee
or by relinquishment of the office by its current holder or by a term
agreed upon in the first initial discussion of operations.

Draft papers representing the working groups output will be disseminated
to all members for comment, comment period will be a reasonable time as
determined by the Chairman.

Current Positions include a Chairperson, CoChairs, External Liaison
Representative, and Secretary, other positions may be added in the
future as needed, such as webmaster, treasurer.

The Chairman is to ensure orderliness of the group, to manage the
mailing list, and distribute the workload of the group appropriately.
The CoChairs will be responsible for the work of the subgroups.

The Secretary's job is to gather and preserve documentation of the
group's output, and make that publicly available.