[OpenID board] OIDF Privacy Policy

DeWitt Clinton dewitt at google.com
Thu Jan 28 06:40:51 UTC 2010 

Did you know that "privacy" is the one link that appears on every page
hosted by google?

(Okay, not really, but it's pretty darn close.)

There's a good reason for this, and it sets a very good example.  So +1 to
putting the link in the footer on openid.net.  And on every site.

-DeWitt

On Wed, Jan 27, 2010 at 10:32 PM, David Recordon <recordond at gmail.com>wrote:

> Please no.  There are very few parts of the site which people are actually
> interacting with and where we accept data.  I'm fine with this on pages for
> things like the membership tool and wiki.
>
> --David
>
>
> On Wed, Jan 27, 2010 at 10:30 PM, Nat Sakimura <n-sakimura at nri.co.jp>wrote:
>
>>  They look good.
>>
>> In addition, I feel that it is a good practice to put privacy policy link
>> as a footer item in every page as well.
>> In our case, right next to "Contact Us" in the footer.
>>
>> =nat
>>
>>
>> (2010/01/28 10:00), John Ehrig wrote:
>>
>>  Darin at Refresh mocked up a couple of options for the higher visibility
>> location for the privacy policy (attached).  Thoughts?
>>
>>
>>  ------------------------------
>>
>> *From:* openid-board-bounces at lists.openid.net [
>> mailto:openid-board-bounces at lists.openid.net<openid-board-bounces at lists.openid.net>]
>> *On Behalf Of *John Ehrig
>> *Sent:* Wednesday, January 27, 2010 4:51 PM
>> *To:* openid-board at lists.openid.net
>> *Subject:* Re: [OpenID board] OIDF Privacy Policy
>>
>>
>>
>> Actually, we already do have an approved and actively in use OIDF privacy
>> policy (see the attached).  A couple of issues:
>>
>> 1) It is buried in the membership portal and only viewable when you first
>> sign up as a new member (which is why it took me so long to track it down)
>>
>> 2) It seems to be written specifically as a member privacy policy (which
>> may not really be an issue if we are ok with it as is for that purpose)
>>
>>
>>
>> I can immediately fix issue #1 by posting it in an easy to find/view page.
>>
>>
>>
>>
>> Longer term, we can use this existing policy as a stating point if we want
>> to improve or broaden it within the legal or privacy committee.
>>
>>
>>  ------------------------------
>>
>> *From:* openid-board-bounces at lists.openid.net [
>> mailto:openid-board-bounces at lists.openid.net<openid-board-bounces at lists.openid.net>]
>> *On Behalf Of *John Bradley
>> *Sent:* Wednesday, January 27, 2010 10:00 AM
>> *To:* openid-board at lists.openid.net
>> *Subject:* Re: [OpenID board] OIDF Privacy Policy
>>
>>
>>
>> I think that it would be fine to post redacted versions.
>>
>>
>>
>> I suspect that a page with the companies and individuals who have signed
>> up for WG is probably more useful than the scanned agreements themselves.
>>
>>
>>
>> I made a IPR declaration three years ago when the OIDF was formed and the
>> PAPE WG started.  I don't recall anyone telling me it was going to be
>> scanned and posted.
>>
>>
>>
>> I like most people haven't thought about it in a while because there
>> haven't been new WG.
>>
>>
>>
>> If we are going to publish information that people give us we need to make
>> that clear at the time of collection.
>>
>>
>>
>> We may be violating privacy laws outside the US.   I would prefer to make
>> sure it is not an issue for the membership.
>>
>>
>>
>> John B.
>>
>>
>>
>>
>>
>> On 2010-01-27, at 2:47 PM, Mike Jones wrote:
>>
>>
>>
>> It would be fine to post digital images with the signatures and address
>> information redacted – possibly by overlaying them with “Information on file
>> with OIDF” or something of that sort.  (Sort of how elevators often contain
>> messages about the elevator license being on file at such-and-such place.)
>>
>>
>>
>>                                                             -- Mike
>>
>>
>>
>> *From:* openid-board-bounces at lists.openid.net [
>> mailto:openid-board-bounces at lists.openid.net<openid-board-bounces at lists.openid.net>
>> ] *On Behalf Of *David Recordon
>> *Sent:* Wednesday, January 27, 2010 9:40 AM
>> *To:* openid-board at lists.openid.net
>> *Subject:* Re: [OpenID board] OIDF Privacy Policy
>>
>>
>>
>> Hey John,
>>
>> I'm happy to have us reconsider the policy.
>>
>>
>>
>> The idea is to make it incredibly transparent around who has signed what
>> (when it comes to IP).  So far you're the first person in three years to say
>> anything about it.
>>
>>
>>
>> Considering that there can be different versions of documents and some
>> documents with options, scanning them as PDFs seemed like the easiest and
>> most accurate method.  99% of the time it's also companies signing the
>> agreements and using corporate addresses versus personal.
>>
>>
>>
>> If Global Inventures is able to manage these agreements and keep up to
>> date online records, I'm less worried about each agreement
>> being available online.
>>
>>
>>
>> That said, they should be made available upon request.
>>
>>
>>
>> --David
>>
>> On Wed, Jan 27, 2010 at 7:07 AM, John Bradley <jbradley at mac.com> wrote:
>>
>> In the process of setting up the AX 1.1 WG a number of things have come to
>> light.
>>
>> One is some confusion around who needs to submit what sort of agreement,
>> Personal or Company.
>> Perhaps our new Secretary can have a look at that.
>>
>> The more important one is that the OIDF has a practice of positing scanned
>> documents publicly including peoples signature.
>>
>> A number of us don't think publicly posting our address info with a scan
>> of our signature is such a good idea.
>>
>> I think everyone agrees that who has signed contribution agreements and
>> what WG they apply to should be public.
>>
>> However there are ways to do that are less subject to identity theft and
>> other issues.
>>
>> I would like to recommend that one of our committees (perhaps the legal
>> one) or a sub committee.
>>
>> Review and publish the OIDF privacy policy and specifically if practices
>> like posting members PII publicly are appropriate.
>>
>> The board can then consider those recommendations.
>>
>> In the interim I would like GlobalInventures to redact my signature from
>> any and all of the IPR agreements they publish.
>>
>> I don't think we can be credible respecting peoples right to privacy on
>> the internet if we don't do a credible job with our own members.
>>
>> There may be other privacy issues I am not currently aware of as well.
>>
>> I think being proactive about privacy can only increase participation from
>> the community in general.
>>
>> Regards
>> John B.
>> _______________________________________________
>> board mailing list
>> board at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-board
>>
>>
>>
>> _______________________________________________
>> board mailing list
>> board at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-board
>>
>>
>>
>>
>> _______________________________________________
>> board mailing listboard at lists.openid.nethttp://lists.openid.net/mailman/listinfo/openid-board
>>
>>
>>
>> --
>> Nat Sakimura (n-sakimura at nri.co.jp)
>> Nomura Research Institute, Ltd.
>> Tel:+81-3-6274-1412 Fax:+81-3-6274-1547
>>
>>
>> _______________________________________________
>> board mailing list
>> board at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-board
>>
>>
>
> _______________________________________________
> board mailing list
> board at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20100127/b6bef9e2/attachment-0001.htm>

More information about the board mailing list