Incident Report
X040902 |
Category: Privacy and Security Incident ID: X040902 Priority: 9 - Missing Functionality
- Status: Initial Definition
Subject: Site Accountability Repaired in: none Assigned To: Dennis Hamilton (analysis) Reported By:
Dennis Hamilton (2004-07-02)Date Opened: 2004-09-17 Date Closed: none 1. Summary
2. Remedies
3. Actions
4. Analysis
5. Lessons Learned
- see also:
- NuovoDoc Provisional Privacy Policy
I am not able to provide a clear privacy statement for NuovoDoc (the business) and nfoCentrale (the sites). This is aggravated by the actions of other sites that I do not control and that raise privacy questions about any assurance I can offer visitors to my sites.
1. Make the lack of privacy assurance well-known and wide-spread. Expand awareness and discussion of the Provisional Privacy Policy and the publishing of an overall privacy policy.
2. Identify specific cases where privacy is not assured.
3. Identify mitigations and lead people to those through the privacy statement.
4. Carry out as a form of threat model and see what can be done to make an effective privacy model.
5. Provide something on how people can test privacy provisions and intrusive activities themselves.
Clean up. Something about provisional privacy, making the provisional privacy statement well-known, and then seeing how to take it farther. Bringing the proposed remedies into existence.
You are navigating Orcmid's Lair |
created 2004-09-17-11:45 -0700 (pdt) by orcmid |