[Chapter-delegates] ISOC nominees must discuss ISOC's exclusion, financial support for chapters, board independence, finding waste

Richard Hill rhill at hill-a.ch
Tue Sep 17 02:22:32 PDT 2019 

Dear Dave,

 

I agree that there are variations in who advocates for what within the US government.  And that official US policy is not necessarily very clear.

 

Best,

Richard

 

From: Dave Burstein [mailto:daveb at dslprime.com] 
Sent: mardi, 17. septembre 2019 11:02
To: Richard Hill
Cc: Christine Saegesser; ISOC Chapter Delegates
Subject: Re: [Chapter-delegates] ISOC nominees must discuss ISOC's exclusion, financial support for chapters, board independence, finding waste

 

Richard

 

Re: ISOC policies are not aligned with US policies: encryption and data protection/privacy. 

Actually, the US is still allowing encryption and different officials have made different comments. As recently as June 2019, some in the US gov was considering blocking encryption but others effectively blocked them so far. 


Trump officials weigh encryption crackdown <https://www.politico.com/story/2019/06/27/trump-officials-weigh-encryption-crackdown-1385306>  "DHS is internally divided." 


There remain some conservative republicans who join with liberals to block legislation so far. I could have encrypted this email to you.  

============

On privacy, again US (and ISOC) have deliberately ambiguous policies. 

 

The US government under both Obama and Trump supported and signed  "the Organisation for Economic Co-operation and Development (OECD) 2013 Privacy Guidelines," (below) a typical political document that has not changed things. It's as close to an official US position on privacy as I could find. Richard, does ISOC strongly disagree? 

 

Every Trump Republican I've read is strongly in favour of privacy, including some close to ISOC. From the Trump Presidential platform

"We intend to advance policies that protect data privacy" "In recent years, technology companies have responded to market demand for products and services that protect the privacy of customers through increasingly sophisticated encryption technology. These increased privacy protections have become crucial to the digital economy." "We applaud the advance of technology in electronic medical records while affirming patient privacy and ownership of personal health information"

 

To make a difference on privacy, we need to get past the hypocrisy even if that will anger our government and corporate allies. What we have is a lot of talk and pr, not action.

 

I just read https://www.internetsociety.org/policybriefs/privacy/ and some of ISOC's other statements. They do not read very differently than the official government statements. High order principles that everyone can agree with but almost no specific government or private/collective actions that would make much difference.  Not merely are they so vague as to be meaningless, it actually turns out ISOC's official policy is based on on the US government approved OECD 

 <https://www.internetsociety.org/policybriefs/privacy/> 


Quote <https://www.internetsociety.org/policybriefs/privacy/> 

The following principles are derived from the Organisation for Economic Co-operation and Development (OECD) 2013 Privacy Guidelines, and are widely recognized as providing a good foundation for developing online privacy policies and practices:

·         Collection limitation. There should be limits to the collection of personal data. Any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.

·         Data quality. Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete, and kept up-to-date.

·         Purpose specification. The purposes for which personal data is collected should be specified. The use should be limited to those purposes or other purposes that are not incompatible.

·         Use limitation. Personal data should not be disclosed, made available, or used for other purposes except with the consent of the individual or where authorised by law.

·         Security safeguards. Personal data should be protected by reasonable security safeguards.

·         Openness. There should be a general policy of openness about developments, practices, and policies with respect to personal data.

·         Individual participation. Individuals should have the right to obtain information about personal data held by others and to have it erased, rectified, completed, or amended, as appropriate.

·         Accountability. Those who collect personal data should be accountable for complying with the principles.

 

 

On Tue, Sep 17, 2019 at 3:55 AM Richard Hill via Chapter-delegates <chapter-delegates at elists.isoc.org> wrote:

Dear Dave,

 

While I agree with the gist of what you say below, I can think of at least two instances in which ISOC policies are not aligned with US policies: encryption and data protection/privacy.

 

Best,

Richard

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20190917/6abef335/attachment.htm>

More information about the Chapter-delegates mailing list