-----Original Message-----
From: CDT Email
To: [log in to unmask]
Sent: 30/05/02 14:59
Subject: Policy Post 8.13: CDT Project on Standards Explores Policy Impact
of Technological Decisions
CDT POLICY POST Volume 8, Number 13, May 30, 2002
A BRIEFING ON PUBLIC POLICY ISSUES AFFECTING CIVIL
LIBERTIES ONLINE
from
THE CENTER FOR DEMOCRACY AND TECHNOLOGY
CONTENTS:
(1) CDT Project on Standards Explores Policy Impact of
Technological Decisions
(2) CDT Standards Bulletin 1.1 May 2002
------------------------------------------------------------------------
(1) CDT PROJECT ON STANDARDS EXPLORES POLICY IMPACT OF
TECHNOLOGICAL DECISIONS
Internet technical standards have a major impact on the Internet's
uses and its future development, with broad implications for public
policy and individual rights. For this reason, CDT launched last year
its Internet Standards, Technology, and Policy Project, to increase
public awareness of and input into technical decision-making. Our
goal is to ensure that the Internet will continue to offer the freedom
and empowerment users now enjoy.
To better serve the public interest community and bring a broader
perspective to standards processes, CDT's Standards Project is
taking two important initiatives:
First, we are expanding our Standards Project website, at http://
www.cdt.org/standards/. This site will contain news and alerts about
public policy issues in the standards world, background information
on the leading standards bodies, and information on the Standards
Project. Over the coming months, we hope that the web site evolves
into a useful resource for both public interest advocates who are not
Internet experts and for technologists interested in public policy
aspects of standards development. We welcome your input on how
to best facilitate an end-user voice in standards processes.
Second, we are launching a Standards Bulletin, which every six to
eight weeks will provide updates and analysis about the work of the
organizations that design the standards and make other important
technical decisions for the Internet. Our goal is to provide the public
interest community with an introduction to the standards world,
identify and track emerging issues, and raise the public interest
involvement in the often complex process of standards development.
In this issue of the CDT Policy Post, we are attaching issue number
one of the Standards Bulletin. We hope you find it interesting, and
look forward to your feedback!
If you would like to receive future issues of the Standards Bulletin,
you can subscribe to it at the project website, http://www.cdt.org/
standards/
------------------------------------------------------------------------
(2) CDT Standards Bulletin 1.1 May 2002
[ STANDARDS BULLETIN 1.01 -- MAY 30, 2002
[
[ Policy Updates and Analysis from the Internet Standards World
[ Provided by
[ The Center for Democracy & Technology's
[ Internet Standards, Technology, and Policy Project
Welcome to the first issue of the Standards Bulletin, a new
publication from CDT's Internet Standards, Technology, & Policy
Project.
Internet technical standards have a major impact on the Internet's
uses and its future development, with broad implications for public
policy and individual activities. Public awareness of and input into
technical decision-making are needed to ensure that the Internet in
its future evolution will continue to offer the freedom and
empowerment we now enjoy. Public policy makers and policy
advocates need to be more familiar with the development of Internet
standards and the issues they bring to the fore.
Every six to eight weeks, the Standards Bulletin will provide updates
and analysis about the organizations that design those standards
and make other important technical decisions for the Internet, such
as the Internet Engineering Task Force (IETF) and the World Wide
Web Consortium (W3C). Our goal is to provide the public interest
community with an introduction to the standards world, identify and
track emerging issues, and raise familiarity with the often complex
process of standards development.
Along with this Standards Bulletin, we are also pleased to be
launching our Standards Project website, at http://www.cdt.org/
standards/. This site contains news and alerts about public policy
issues in the standards world, background information on the
leading standards bodies, and information on the Standards Project.
Over the coming months, we hope that the web site evolves into a
very useful resource on public policy and the standards processes.
We welcome any input from the community on these and other efforts
to facilitate an end-user voice in standards development.
John B. Morris
Director, Internet Standards, Technology, and Policy Project of the
Center for Democracy & Technology
* * * *
1 - STANDARDS SPOTLIGHT: IETF'S GEOPRIV WORKING GROUP.
A new working group at the Internet Engineering Task Force (IETF) is
addressing serious issues concerning the privacy of sensitive
"location" information used in a variety of emerging technologies. As
new technologies expand wireless access to the Internet, a huge
array of location-based services are in the works. Along with
consumer uses, such services can provide increased security and
enhanced emergency services. There are also on-going projects
aimed at providing (or in some cases limiting) services and content
based on the location of users with stationary Internet access.
Significant privacy and security concerns are raised by these
location-based services. Although many location-based services will
be optional and fully user-controlled, in some cases users will have
little choice but to reveal sensitive location information. Even with
user-approved services, there is a significant need to protect and
limit the dissemination of location information.
In mid-2001, in recognition of the serious privacy and security issues
raised by location based services, the Internet Engineering Steering
Group (IESG) of IETF decided to establish the "GEOPRIV" working
group for the purpose of designing to protect the privacy of location
information. As defined by its charter, the mission of the working
group is to assess the "authorization, integrity and privacy
requirements that must be met in order to transfer [location]
information, or authorize the release or representation of such
information through an agent."
In essence, the working group will create a specific format for the
expression of location privacy and security preferences. The way
those preferences are expressed and enforced will likely have a
broad impact on user privacy and control. Although this effort has
similarities to the P3P protocol of the World Wide Web Consortium, it
will be tailored to some unique characteristics of location
information. Critically, the new platform is expected to include default
privacy requirements to be applied in the absence of any privacy
rules created by a user.
The CDT Standards Project has been actively involved in the
GEOPRIV working group since its first meeting in August 2001:
* Last fall, working with Deirdre Mulligan of the Samuelson Law,
Technology, and Public Policy Clinic at Berkeley, CDT submitted to
the IETF an Internet-Draft entitled "Framework for Location
Computation Scenarios." The Internet-Draft offers initial analysis of
the location-tracking situations in which privacy must be protected.
* In collaboration with a technologist from Siemens AG in Germany,
as well as Deirdre Mulligan, CDT is working on two additional
documents: a "requirements" draft specifying what technology must
be created, and a "scenarios" draft specifying range of the situations
in which the technology must work as designed. On May 8, 2002, we
submitted the first of these in an Internet-Draft entitled "GEOPRIV
requirements."
* The "GEOPRIV Requirements" draft will be the primary focus of an
Interim Working Group Meeting to be held in June. We are hopeful
that the draft will be formally endorsed by the working group, and
finalized at the Yokohama IETF meeting in July 2002.
Following the July meeting, the Standards Project will continue to
provide updates on the progress of the GEOPRIV working group
effort. Under its current charter, the work of GEOPRIV is not expected
to be completed until early 2003.
For more information:
GEOPRIV Charter: http://www.ietf.org/html.charters/geopriv-
charter.html
"Framework for Location Computation Scenarios," Internet-Draft,
November 2001: http://www.cdt.org/standards/draft-morris-geopriv-
scenarios-00.txt (original text format), http://www.cdt.org/standards/
draft-morris-geopriv-scenarios-00.pdf (PDF format)
"GEOPRIV Requirements," Internet-Draft, April 2002: http://
www.ietf.org/internet-drafts/draft-cuellar-geopriv-reqs-02.txt (original
text format), http://www.cdt.org/standards/draft-cuellar-geopriv-
reqs02.pdf (PDF format)
* * * *
2 - STANDARDS UPDATE: QUICK DISPATCHES ON STANDARDS &
POLICY
- a OPES GROUP CONSIDERS IMPORTANCE OF PRESERVING
END-TO-END DATA INTEGRITY. IETF's working group on OPES
(Open Pluggable Edge Services) has received guidance from the
Internet Architecture Board. OPES deals with services that can reside
between a client and a server on the Internet, such as a web proxy
cache or other intermediary. CDT submitted comments noting that
such services raise serious concerns about the integrity of end-to-
end communications, and could enable tampering or censorship. In
its "considerations" document, the IAB recognized the importance of
notice and consent when such systems are used, so that possible
negative impacts are minimized. In an upcoming Standards Bulletin,
we will provide an in-depth analysis of OPES.
CDT's original comments on OPES are at http://www.imc.org/ietf-
openproxy/mail-archive/msg00828.html. The IAB's analysis of OPES
is at http://www.ietf.org/rfc/rfc3238.txt. The charter of the OPES
working group is at http://www.ietf.org/html.charters/opes-
charter.html. The home page of the OPES working group is at http://
www.ietf-opes.org/.
- b NEW CROSS-REGISTRY INFORMATION SERVICE PROTOCOL
(CRISP) PROPOSED AS SUCCESSOR TO WHOIS. At last March's
IETF meeting, experts convened in a "Birds of a Feather" (BOF)
meeting to brainstorm on a new directory protocol for domain name
registries. The current protocol, WHOIS, stores data about domain
name registrants, but its uses have broadened substantially over the
years to include law enforcement and intellectual property
enforcement uses. Controversies about access and privacy have
arisen, and a desire has emerged to reevaluate the system. CRISP
raises important policy questions that could have a serious impact
on users. The protocol is still in the formative stages and has not yet
been recognized as an IETF working group, but CDT has been
closely monitoring their work so far.
The Agenda and discussion of CRISP BOF can be found at http://
www.ietf.org/ietf/02mar/crisp.txt.
- c IEPREP WORKING GROUP BEGINS EMERGENCY
PREPAREDNESS ACTIVITY. The IETF's new working group, IEPREP
(Internet Emergency Preparedness), is poised to address key
questions about Internet use in an emergency situation. Operating
on a short timeline, IEPREP will develop guidelines for Internet
technologies that will be needed to enable rapid response to a major
emergency, but also raising issues of equity and access by the
public to important services in times of crisis. The group hopes to
finish the bulk of its work by August 2002.
The Charter of the IEPREP working group can be found at http://
www.ietf.org/html.charters/ieprep-charter.html.
- d - STANDARDS AND INTELLECTUAL PROPERTY. Both the IETF
and W3C are wrestling with important intellectual property issues.
Internet standards developed by both organizations have historically
been publicly available on a royalty-free basis, but with increasing
regularity, the work of standards groups has slowed because
proposed standards implicate technologies covered by software
patents. A long-term system to resolve or avoid patent and other IP-
related disputes is needed and CDT is following these
developments closely. The W3C is actively revising its patent policy,
and the leadership of the IETF has indicated that such an effort is on
the horizon.
The home page of the W3C Patent Policy Working Group can be
found at http://www.w3.org/2001/ppwg/.
- e - UPCOMING IETF-54 MEETING IN YOKOHAMA, JAPAN. The
second of the IETF's three 2002 in-person meetings will begin July
14 in Yokohama, Japan. IETF meetings frequently catalyze working
group activity and lead to new creativity in the standards process.
Although most of the working groups' substantive work is conducted
online, the critical progress on challenging issues can often be
made at the meetings. John Morris, Director of CDT's Standards
Project, will be attending IETF-54; feel free to contact John with any
questions or comments about the meeting. CDT will continue to
provide updates on the meeting's progress.
The home page of IETF-54 home page can be found at http://
www.ietf.org/meetings/IETF-54.html.
------------------------------------------------------------------------
Detailed information about online civil liberties issues may be
found at http://www.cdt.org/.
This document may be redistributed freely in full or linked to
http://www.cdt.org/publications/pp_8.13.shtml.
Excerpts may be re-posted with prior permission of [log in to unmask]
Policy Post 8.13 Copyright 2002 Center for Democracy and
Technology
---------------------------------------
CDT Policy Post Subscription Information
To subscribe to CDT's Policy Post list, send mail to [log in to unmask]
In
the BODY of the message type "subscribe policy-posts" without the
quotes.
To unsubscribe from CDT's Policy Post list, send mail to
[log in to unmask]
In the BODY of the message type "unsubscribe policy-posts" without
the quotes.
Detailed information about online civil liberties issues may be found at
http://www.cdt.org/
************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************
|
