Orcmid's Lair

Incident Report X040902
Offered Privacy

orcmid>
sostegno>

X040902>
0.00 2004-09-17-12:26 -0700


Category: Privacy and Security Incident ID: X040902
Priority: 9 - Missing Functionality
Status: Initial Definition
Subject: Site Accountability Repaired in: none
Assigned To: Dennis Hamilton (analysis) Reported By: 
Dennis Hamilton (2004-07-02)
Date Opened: 2004-09-17 Date Closed: none

1. Summary
2. Remedies
3. Actions
4. Analysis
5. Lessons Learned

see also:
NuovoDoc Provisional Privacy Policy

1. Summary (2004-09-17):

I am not able to provide a clear privacy statement for NuovoDoc (the business) and nfoCentrale (the sites).  This is aggravated by the actions of other sites that I do not control and that raise privacy questions about any assurance I can offer visitors to my sites.

2. Remedies (2004-09-17):

1. Make the lack of privacy assurance well-known and wide-spread.  Expand awareness and discussion of the Provisional Privacy Policy and the publishing of an overall privacy policy.

2. Identify specific cases where privacy is not assured.

3. Identify mitigations and lead people to those through the privacy statement.

4. Carry out as a form of threat model and see what can be done to make an effective privacy model.

5. Provide something on how people can test privacy provisions and intrusive activities themselves.

3. Actions (as of 2004-09-17):

4. Analysis (2004-09-17):

5. Lessons Learned (tbd)


0.00 2004-09-17-11:45 Create Initial Incident Identification, Analysis, and Proposed Actions
Capture enough material so that related investigation can be defined and this report can be polished later.  Manage with a  job jar.  Although I am in a high-level of cluelessness around this topic, I can at least let visitors to my sites know that much.

Construction Zone (Hard Hat Area)

You are navigating Orcmid's Lair

created 2004-09-17-11:45 -0700 (pdt) by orcmid
$$Author: Orcmid $
$$Date: 05-02-11 16:48 $
$$Revision: 5 $

Home