Privacy Considerations for Internet Protocols

Nearly a decade ago, CDT began participating in Internet standardization efforts with the notion that policy implications were inherent in design decisions about the fundamental communications protocols that underlie the Internet’s functioning. As part of our participation in the Internet Engineering Task Force (IETF) – the home of protocols like IP and HTTP – we suggested a set of privacy and other policy considerations that developers of Internet protocols might take into account as part of their design processes.

Although that first effort never came to full fruition in the form of an IETF standard (RFC), certain corners of the Internet engineering community have in recent times shown a renewed interest in incorporating privacy as a design consideration within the Internet standards process. To that end, as part of the activities of the IETF’s Internet Architecture Board (IAB) on which I sit, a new set of draft privacy guidance has just been published. Although it is very much a work-in-progress, it represents a crucial step on the path toward embedding privacy consciousness in the design of new Internet standards. I’m looking forward to engaging with the IETF community and the broader privacy community in this effort. Work in the IETF proceeds largely on public mailing lists, so anyone who wants to contribute to the discussion is welcome (join the ietf-privacy list and see my message about the draft).