Re: [STDS-802-Privacy] IEEE 802 closing plenary - Privacy EC SG extended

[Dan Harkins <dharkins@xxxxxxxxxxxxxxxxx>]

On 11/12/14 5:41 AM, "Mark Rison" <m.rison@xxxxxxxxxxx> wrote:

> (3)    Proposals regarding functionalities in IEEE 802 protocols to improve Privacy

 

I have uploaded document 11-14/1554 with some thoughts on this in the

context of 802.11.

  IMHO this does nothing to improve privacy. The idea behind it is that there is a default opt-out

and any loss of privacy requires explicit opt-in for that component of data that the user wants to

provide. The problem is that today this element does not exist and the semantics are default opt-in.

Information that people deem privacy-sensitive is gathered today and the existence of this element

in the 802.11 standard will not change that fact. IEEE cannot legislate and cannot make any

action that is outside of the protocol that is OK today be not OK tomorrow.

  The "legal backing" and "honor system" enforcement mechanisms are woefully inadequate.

  People who have privacy concerns must act as if they are in a hostile environment full of dishonorable

bad actors and scofflaws (for the simple reason that they, in fact, are in such an environment). The way

to deal with the gathering of sensitive data in such an environment revolves around "garbage in, garbage

out" and to make the data these bad actors and scofflaws are gathering as worthless as  possible. 

  Dan.

 

Mark

 

--

Mark RISON, Standards Architect, WLAN   English/Esperanto/Français

Samsung Cambridge Solution Centre       Tel: +44 1223  434600

Innovation Park, Cambridge CB4 0DS      Fax: +44 1223  434601

ROYAUME UNI                             WWW: http://www.samsung.com/uk

 

From: Zuniga, Juan Carlos [mailto:JuanCarlos.Zuniga@xxxxxxxxxxxxxxxx]
Sent: 7 November 2014 22:53
To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: [STDS-802-Privacy] IEEE 802 closing plenary - Privacy EC SG extended

 

Dear all,

 

The Privacy EC SG has been extended until March 2015. These are our upcoming approved meetings:

 

–        10 December 2014, (10:00 AM ET) Teleconference

–        12-15 January 2015, IEEE Interim meeting in Atlanta, GA, USA

–        4 February 2015, (10:00 AM ET) Teleconference

–        Potential PAR/CSD submission

–        25 February 2015, (10:00 AM ET) Teleconference

–        8-13 March, 2015, IEEE 802 Plenary meeting in Berlin, Germany

 

We will continue with our call for contributions on the following topics:

 

(1)    Threat Model for Privacy at Link Layer

(2)    Privacy Issues at Link Layer

(3)    Proposals regarding functionalities in IEEE 802 protocols to improve Privacy

(4)    Proposals regarding measuring levels of Privacy on Internet protocols

(5)    Implications of MAC address changes

(6)    Other…

 

So far I have received one request for presentation at the next teleconference on Dec 10. We also foresee presenting the findings from next week’s IETF 91 MAC randomization trial.

 

If you are interested in doing a presentation, please let me know.

 

Best regards,

 

Juan Carlos