Privacy policy as a protocol issue

Simon E Spero (
Mon, 23 Jan 1995 00:45:41 +0100

I've been working on some of the tricky bits of the HTTP-NG negotiation
mechanism (Dave's started nagging me again :-), and one of the domains I've
been trying to dot the t's on deals with policy options.

These policy controls were originally designed to benefit information
providers- for example, many sub-licencees of databases are required in their
contracts to display copyright information provided by the real owner of the
database. They were also intended to control the storage and further
distribution of copyrighted information.

However, this kind of policy control can also be used to protect clients.
For example, a user might wish to request that log information not be forwarded
to outside parties, or even between departments within a given organisation.

Commercial sites might prefer to be able to use access information to assist in
consumer service; academic sites will tend to follow full ALA best practice.

Having support for this kind of negotiation in the protocol seems useful to
me - it doesn't add much to the implementation, and does address some privacy

Are there any other policy areas that would benefit from protocol support- the
whole area can get pretty murky pretty fast. Comments?


-- Options to support adminstrative policy

-- Policies for Clients

Mandatory-Display BOOLEAN -- Will honour requests for mandatory
-- display (licences, etc).
Honour-CopyControl BOOLEAN -- Will honour copy control requests
-- (e.g. don't save to disk, don't
-- cache, don't redistribute)
-- Policies for Servers

-- Logging
Log-Direct BIT STRING -- Log use by provider
Log-Internal BIT STRING -- Log use by providers organisation
Log-External BIT STRING -- Log use by external party.
-- Log options
En-Clair(0) -- May store log data unencrypted
Individual(1) -- Traceable to specific individual
Site(2) -- Traceable to specific site
Armed-Defence(3)-- Will use deadly force to protect log data :)