Privacy Considerations for Internet Protocols
RFC 6973

Document Type RFC - Informational (July 2013; No errata)
Last updated 2013-07-24
Replaces draft-iab-privacy-terminology, draft-morris-privacy-considerations
Stream IAB
Formats plain text pdf html bibtex
Stream IAB state Published RFC
Consensus Boilerplate Unknown
RFC Editor Note (None)
Internet Architecture Board (IAB)                              A. Cooper
Request for Comments: 6973                                           CDT
Category: Informational                                    H. Tschofenig
ISSN: 2070-1721                                   Nokia Siemens Networks
                                                                B. Aboba
                                                                   Skype
                                                             J. Peterson
                                                           NeuStar, Inc.
                                                               J. Morris

                                                               M. Hansen
                                                                     ULD
                                                                R. Smith
                                                                   Janet
                                                               July 2013

             Privacy Considerations for Internet Protocols

Abstract

   This document offers guidance for developing privacy considerations
   for inclusion in protocol specifications.  It aims to make designers,
   implementers, and users of Internet protocols aware of privacy-
   related design choices.  It suggests that whether any individual RFC
   warrants a specific privacy considerations section will depend on the
   document's content.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Architecture Board (IAB)
   and represents information that the IAB has deemed valuable to
   provide for permanent record.  It represents the consensus of the
   Internet Architecture Board (IAB).  Documents approved for
   publication by the IAB are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6973.

Cooper, et al.                Informational                     [Page 1]
RFC 6973                 Privacy Considerations                July 2013

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.  This document is subject to
   BCP 78 and the IETF Trust's Legal Provisions Relating to IETF
   Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Cooper, et al.                Informational                     [Page 2]
RFC 6973                 Privacy Considerations                July 2013

Table of Contents

   1. Introduction ....................................................4
   2. Scope of Privacy Implications of Internet Protocols .............5
   3. Terminology .....................................................6
      3.1. Entities ...................................................7
      3.2. Data and Analysis ..........................................8
      3.3. Identifiability ............................................9
   4. Communications Model ...........................................10
   5. Privacy Threats ................................................12
      5.1. Combined Security-Privacy Threats .........................13
           5.1.1. Surveillance .......................................13
           5.1.2. Stored Data Compromise .............................14
           5.1.3. Intrusion ..........................................14
           5.1.4. Misattribution .....................................14
      5.2. Privacy-Specific Threats ..................................15
           5.2.1. Correlation ........................................15
           5.2.2. Identification .....................................16
           5.2.3. Secondary Use ......................................16
           5.2.4. Disclosure .........................................17
           5.2.5. Exclusion ..........................................17
   6. Threat Mitigations .............................................18
      6.1. Data Minimization .........................................18
           6.1.1. Anonymity ..........................................19
           6.1.2. Pseudonymity .......................................20
           6.1.3. Identity Confidentiality ...........................20
           6.1.4. Data Minimization within Identity Management .......21
      6.2. User Participation ........................................21
Show full document text