Privacy was Re: [governance] Who will be in Rio?

Vittorio Bertola vb at bertola.eu
Wed Oct 10 04:14:13 EDT 2007 

Adam Peake ha scritto:
> I'm interested why Robert and Vittorio think this an issue now when it 
> hasn't been a concern for the past 4 or 5 years.  It's been the practice 
> to publish a participants list through WSIS, WGIG consultations, and all 
> IGF consultations and the Athens meeting.

I don't think it is "an issue", and I have no real problem with the 
present system, though I think it'd be better to change it and add an 
option for private registration. I just stress the fact that (at least 
if the conference were in Europe) disclosure requires your informed 
consent and possibly an opt-in/opt-out checkbox at registration (even 
ICANN has one, by the way).

Still, there are a number of valid reasons why someone may want not to 
appear in a public list of attendees, especially in a politically 
sensitive context like this. Suppose that your country (or your boss) 
calls for a boycott of the IGF and you decide to ignore it - you might 
want to be there without this getting posted on the Internet and indexed 
by Google. Or suppose that you are an activist and there's a political 
police group that tracks what you do to fill up their folders. There's a 
difference between showing up at certain times and places where you 
might be seen by some others (but perhaps also ask them not to propagate 
the news) and putting your name into an official list which is highly 
visible and gets spread everywhere.

Guru: my privacy is mine, I have to be able to decide for myself about 
whether I want to be trackable or not. There could be transparency 
issues if, for example, I were serving in a public position (in which 
case I should simply consent to the disclosure), but that is not the 
case for most participants. Several people attend in individual capacity.

Tapani:
> In any case it certainly legal to organize a conference with
> a condition that only those can participate who allow their
> participation to be published. That is certainly indicated by
> the above-quoted statement in the registration form.

According to the EU Directive (and your national implementation may 
vary), except for a few exceptions, you have to give unambiguous consent 
to every specific act of processing; your consent to processing may be 
required for you to get the service, but only if the processing is 
commensurate to the purpose for which the information was collected. In 
other words, at least in the Italian implementation of the Directive 
(but AFAIK it's the same everywhere in the EU), you must be able to opt 
out from any processing which is not strictly necessary for the primary 
purpose, which in this case is attending the conference.

For example, it is definitely necessary for your information to be held 
into a database by the organizers, and checked when you show up at the 
door, and it is also necessary to publish that you are a speaker if you 
are a speaker, otherwise how could the conference work? But it is 
debatable whether publishing the list of participants is necessary to 
make the conference work. I myself have no firm opinion on this, though 
I'd tend to say that it's not necessary and so organizers (again, in the 
hypothetical case of them being in Europe) would be required to provide 
you with an opt-in/opt-out choice.

In any case, apart from legal issues, it'd definitely be kind by the 
organizers to do so in any case - I do not see what they are gaining by 
forcing the disclosure of the participation by anyone who does not want 
this to happen, even if it was just one over 1000, and in this I agree 
with Norbert. People who do not expect privacy would just consent to the 
publishing, and people who expect it would just opt out, and everyone 
would be happy.

Anyway, there are more important issues than this one :)

Regards,
-- 
vb.                   Vittorio Bertola - vb [a] bertola.eu   <--------
-------->  finally with a new website at http://bertola.eu/  <--------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list