On Jul 30, 2009, at 11:49 AM, Alissa Cooper wrote:
The fact that this came up in the context of subpoenas argues in the
other direction. That meeting attendance is subject to subpoena was
probably not evident (or disclosed) to most attendees. What kinds of
legal process does the Trust respond to? Do requests have to have
court backing, or would the blue sheets be disclosed to anyone who
wanted to see them? I agree that in the context of blue sheets, the
answers to these questions are unlikely to be frequently invoked.
But it still makes sense to have a policy around it and to disclose
that policy. Otherwise, people who would want to avoid signing a
sheet due to privacy concerns wouldn't even know of their need to
Furthermore, the blue sheets are in some ways the least of the data
collected by the IETF. What happens to all of our meeting
registration and payment data? What about the server logs for the
IETF web sites? I'm not saying less data should be collected (I
don't really know enough to evaluate that). I just think there
should be a policy for protecting that data and the people it
describes. It is hard to come by an organization web site that
The Trust has a documents retention policy (the current one is at
Here is some background. I am only talking about physical material,
not electronic records.
Most of the physical material held by the IETF Trust was turned over
by CNRI as part of the Settlement
that set up the Trust. I volunteered to evaluate this material, and
went with the IAD one cold day to look at
several pallets worth of material (much of which was CNRI material not
belonging to the Trust, such as records of other conferences run by
Foretec, and all of which was gone through).
This IETF material totaled 64 boxes, including Blue Sheets (starting
with IETF 22 in 1991) and a mass of registration payment material
(starting with IETF 26 in 1993). Some of this material was obviously
highly sensitive (random samplings showed canceled checks, credit card
imprints, passport photo page copies, US Social Security Numbers,
addresses, phone numbers, etc.). While I do know how this material was
treated previously, while in the Trust's possession it was always held
in a secure storage facility.
There were various discussions by the Trustees with counsel about how
to handle this material, what should be kept, and for what periods.
Agreements with Credit Card companies mean that credit card material
has to be kept for a relatively short period of time (18 months), in case
the bill is disputed, and it was decided to adopt that period for
canceled checks and other sensitive personal information.
The result is the above Document Retention Policy, and the IAD and I
duly went to the storage facility once this was enacted and the
sensitive material in the Trust's possession was destroyed. New
material is held by the Secretariat and is generally destroyed by the
Secretariat before it goes into the Trust archives. Other material is
held as called for in the Document retention policy.
I hope that you find this background useful.
On Jul 30, 2009, at 5:32 PM, David Morris wrote:
On Thu, 30 Jul 2009, Alissa Cooper wrote:
The discussion about blue sheets begs the question: does the IETF
but I didn't see one posted anywhere. If there's a legal entity
collecting personal information (which there obviously is), it
It is a stretch, which my imagination can't fathom, to consider a
list of attendees in a public meeting to be personal information.
Given the ease with which one can avoid having one's name recorded,
I don't see any issue except the administrative support issues
related to storing old paper.
Ietf mailing list