IETF Draft 24 Feb. 2016

Internet Engineering Task Force Statement Concerning Personal Data

General – Most Personal Data Submitted to IETF Will Become Public

The Internet Engineering Task Force (“IETF”) operates in an open and transparent fashion.   As a part of this transparency, any contributions, submissions, statements or communications made to us, including postings or other contributions you make to IETF’s website, most IETF mailing lists, all Internet-Drafts or other contributions that you submit, comments you send to IETF regarding IETF or IETF documents, intellectual property disclosures and updates, requests for document authentication, subpoenas, IETF meeting or mailing list registrations, and most other information that you send, submit or post to IETF, and any information that we collect about you through your use of any IETF web site, mailing list or other resource (collectively, your “Personal Data”), other than as expressly excepted in this Statement, will be made public through electronic and other means. You should be aware of our transparent operation when communicating with us.

By providing us with your Personal Data, you are consenting to our disclosure and use of it for IETF-related purposes as described in this Statement. By subscribing to an IETF mailing list or submitting a contribution to IETF, you consent to our using your Personal Data to communicate with you about your participation in IETF. 

IETF also collects information, including through audio and video recording, during and in connection with its events, meetings, mailing lists and conferences, and automatically through its web sites.  All such information may be made public and used by IETF in connection with IETF-related purposes.

Certain visitor characteristics may be reflected in our web server logs (such as, operating system, browser version, and Internet Protocol (IP) address). When you interact with our web sites we may use cookies to uniquely identify you during a session to allow us to process your online transactions and requests and to verify your identity, after you have logged in to a web site and to track user activity between sessions.  Web site visitors who disable their web browser’s ability to accept cookies or alter user tracking will be able to browse the site; however some web site features may not function well if you disable cookies.  IETF does not currently recognize browsers’ Do Not Track (DNT) requests with respect to our web sites.

You Consent to International Transmission of Your Data

Due to the nature of the Internet and our international operations, your communications and submissions may result in the transfer of your information across national boundaries and outside of your country of residence. By communicating with IETF and submitting information to us, you consent to these transfers and to the use of your information as described in this Statement. If you provide Personal Data to IETF, you acknowledge and agree that such Personal Data may be transferred from your current location to others in any country in the world.

Exceptions – Information That We Do Not Release to the Public

As an exception to IETF’s general policy of releasing information to the public, there are certain limited types of Personal Data that we do not release to the public in the ordinary course of our operations (“Non-Public Information”). The categories of Non-Public Information that we currently recognize are described below. 

  Payment Information

  Payment information is not currently collected or stored on IETF's servers. If IETF were to  collect payment card or bank account data from you, we would not release this information to the public.  If you conduct transactions using our web sites (e.g., meeting registration), payment and payment card information will be entered directly into a third party processor’s systems and is not currently transmitted through or stored by our web sites. 

  Non-Public Mailing Lists

  A small number of IETF mailing lists, including the NomCom, IAB, IAOC and IESG mailing lists, are not open to the public. These mailing lists are clearly indicated as non-public in their registration materials.  We do not make the contents of these mailing lists open to the public.

  Passwords

  Some areas of the IETF web site and some IETF mailing lists require you to create and enter a password.  IETF will store these passwords and does not make them available to the public.

Security

We believe that we have implemented commercially reasonable precautions to prevent the unauthorized use, disclosure and alteration of Non-Public Information. However, no data security measures can guarantee complete data security, and IETF does not guaranty the confidentiality of anything that you submit to IETF. Please contact us at privacy@ietf.org if you believe that the security or integrity of any non-public information that you have submitted to IETF has been compromised. Additionally, we may at times be required by law to release Non-Public Information, and we reserve the right to do so if we believe in good faith that such release is required by applicable law, regulation or judicial order.

Children

Our websites are not intended for use by children under 13 years old.  We do not knowingly collect personally identifiable information from, or target our websites to, children under the age of 13.  In accordance with the United States Children’s Online Privacy Protection Act of 1998, if we discover that a child under 13 has provided us with personally identifiable information, without the consent and participation of a parent or guardian, we will remove it from our systems.

Inquiries

If you would like to request information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please email your request to privacy@ietf.org and we will provide this information free of charge. This information includes a list of the categories of Personal Data that was shared with third parties for direct marketing purposes and the names and addresses of all third parties with which we shared such information in the immediately preceding calendar year.

Compliance

If you have any questions regarding this Statement or believe that IETF is not following the procedures described in this Statement, please contact privacy@ietf.org.  You also may contact us if you have any concerns about the accuracy of, or wish to correct, your Personal Data.  We reserve the right to decline any request to remove or alter information on the IETF web site or in our records except to the extent that we are legally required to do so.

Other Organizations

For the avoidance of doubt, this Statement relates solely to the activities of IETF, and does not cover any non-IETF activities of the Internet Society or any other organization that may be affiliated with IETF.

Consent

Subject to the above provisions, by communicating information (including Personal Data), you consent to the collection, public disclosure and use of information by us in accordance with this Statement.