canmove, Confirmed users
2,851
edits
Privacy/Policy/NTIA RFC: Difference between revisions
→III. Mozilla supports a process that is open and transparent while at the same time develops effective and meaningful codes of conduct.
| Line 147: | Line 147: | ||
Stakeholders should publish their explanations of decisions on issues discussed on the web, preferably on an open wiki, and cite sources for their reasoning (using URLs). Stakeholders should also cite the minutes/notes of their meetings with other stakeholders to explain decisions they have reached in concert. | Stakeholders should publish their explanations of decisions on issues discussed on the web, preferably on an open wiki, and cite sources for their reasoning (using URLs). Stakeholders should also cite the minutes/notes of their meetings with other stakeholders to explain decisions they have reached in concert. | ||
There are several lessons from existing consensus-based, multi-stakeholder processes in the realms of Internet policy or technical standard-setting that could be applied to the privacy multi-stakeholder process. We recommend a study of the W3C, IETF, WHATWG and microformats.org organizations. Many of the points those processes have come up with are summarized in this blog post by one of our contributors, Tantek Çelik: http://tantek.com/2011/168/b1/practices-good-open-web-standards-development. | There are several lessons from existing consensus-based, multi-stakeholder processes in the realms of Internet policy or technical standard-setting that could be applied to the privacy multi-stakeholder process. We recommend a study of the W3C, IETF, WHATWG and microformats.org organizations. Many of the points those processes have come up with are summarized in this blog post by one of our contributors, Tantek Çelik: http://tantek.com/2011/168/b1/practices-good-open-web-standards-development. | ||
==== | ====C. Defining & Incentivizing Consensus==== | ||
There are numerous factors in reaching consensus and they tend to differ based on the people involved and the issues at hand. For example, the W3C defines consensus roughly as a position which is either absent of objections, or has the least significant objections among several options. | There are numerous factors in reaching consensus and they tend to differ based on the people involved and the issues at hand. For example, the W3C defines consensus roughly as a position which is either absent of objections, or has the least significant objections among several options. | ||
The NTIA can encourage consensus by requiring that all proposals be posted publicly and all discussions be posted publicly which will encourage stakeholders to think with a broader perspective than simply their own self-interests. Let sub-groups of stakeholders form organically rather than attempting to facilitate anything in particular. To keep the overall process transparent, make sure that all materials discussed are published openly on the web, and that meeting plans/attendees/minutes/notes are similarly published openly on the | The NTIA can encourage consensus by requiring that all proposals be posted publicly and all discussions be posted publicly which will encourage stakeholders to think with a broader perspective than simply their own self-interests. Let sub-groups of stakeholders form organically rather than attempting to facilitate anything in particular. To keep the overall process transparent, make sure that all materials discussed are published openly on the web, and that meeting plans/attendees/minutes/notes are similarly published openly on the | ||
web. | web. | ||
====Requirements for a multi-stakeholder process==== | ====D. Requirements for a multi-stakeholder process==== | ||
Mozilla supports efforts to implement codes of conduct that would bring at least the level of technological and legal principles around privacy afforded to users of the web to the development of mobile apps. | Mozilla supports efforts to implement codes of conduct that would bring at least the level of technological and legal principles around privacy afforded to users of the web to the development of mobile apps. | ||
Therefore, the key requirements that a multi-stakeholder process will need to identify for privacy considerations to be addressed adequately are: | Therefore, the key requirements that a multi-stakeholder process will need to identify for privacy considerations to be addressed adequately are: | ||
| Line 158: | Line 158: | ||
# What are the legal or regulatory ramifications for failing to follow the codes of conduct? | # What are the legal or regulatory ramifications for failing to follow the codes of conduct? | ||
# How much will such codes of conduct continue to allow for innovation around novel uses of data that have user benefit? | # How much will such codes of conduct continue to allow for innovation around novel uses of data that have user benefit? | ||
=== | ===IV. Current illustrative privacy practices === | ||
Mozilla continues to implement a variety of consumer data privacy innovations in the creation of its products that we believe may help provide examples of potential areas for codes of conduct. We design our products with the following principles in mind (paraphrased from http://www.mozilla.org/en-US/privacy/ ): | Mozilla continues to implement a variety of consumer data privacy innovations in the creation of its products that we believe may help provide examples of potential areas for codes of conduct. We design our products with the following principles in mind (paraphrased from http://www.mozilla.org/en-US/privacy/ ): | ||
* No Surprises | * No Surprises | ||
| Line 181: | Line 181: | ||
* make your use of social or local features transparent and give (i) people a way to turn automatic sharing off and (ii) granular control over these features | * make your use of social or local features transparent and give (i) people a way to turn automatic sharing off and (ii) granular control over these features | ||
* obtain consent from users when necessary, especially for location and other sensitive information | * obtain consent from users when necessary, especially for location and other sensitive information | ||
=== | ===V. Accountability=== | ||
We believe that a clear accountability framework is necessary to help make a resulting code of conduct a meaningful exercise. Such an accountability framework should, at a minimum, involve: | We believe that a clear accountability framework is necessary to help make a resulting code of conduct a meaningful exercise. Such an accountability framework should, at a minimum, involve: | ||
* clear, consistent rules around what constitute a violation of the code of conduct, and | * clear, consistent rules around what constitute a violation of the code of conduct, and | ||