1. privecsg-15-0004-00-0000 1 Privacy Recommendation PAR Proposal Date: [2015-01-15] Authors: NameAffiliationPhoneEmail Juan Carlos ZúñigaInterDigital Labsj.c.zuniga@ieee.org Notice: This document does not represent the agreed view of the IEEE 802 EC Privacy Recommendation SG. It represents only the views of the participants listed in the ‘Authors:’ field above. It is offered as a basis for discussion. It is not binding on the contributor, who reserve the right to add, amend or withdraw material contained herein. Copyright policy: The contributor is familiar with the IEEE-SA Copyright Policy.http://standards.ieee.org/IPR/copyrightpolicy.html Patent policy: The contributor is familiar with the IEEE-SA Patent Policy and Procedures: and.http://standards.ieee.org/guides/bylaws/sect6-7.html#6http://standards.ieee.org/guides/opman/sect6.html#6.3 Abstract This document presents a PAR-CSD text proposal for consideration/discussion by the IEEE 802 Privacy EC SG.

2. privecsg-15-0004-00-0000 2 Privacy Recommendation PAR/CSD Proposal Juan Carlos Zuniga InterDigital Labs

3. privecsg-15-0004-00-0000 3 Title IEEE Recommended Practice for Information technology-- Telecommunications and information exchange between systems-- Local and metropolitan area networks: Privacy considerations for IEEE 802 Protocols.

4. privecsg-15-0004-00-0000 4 Scope of the Project This document specifies a privacy threat model for IEEE 802 protocols and provides recommendations for protocol developers and implementers… –A) to include features in the design of [new] protocols to protect against [these] privacy threats. –B) on how to protect against privacy threats when designing [new] protocols.

5. privecsg-15-0004-00-0000 5 Purpose The recommended practice document will provide recommendations to address privacy threats applicable to link layer technologies, including threats such as Surveillance, Monitoring, Stored Data Compromise, Intrusion, Misattribution, Correlation, Identification, Secondary Use, Disclosure and Exclusion.

6. privecsg-15-0004-00-0000 6 Need There have been recent concerns about Internet privacy. SDOs such as IETF and W3C have decided to take actions to improve privacy features in Internet technologies. Some of the technologies developed in IEEE 802 play a major role in Internet connectivity. IEEE 802 has been collaborating with IETF in many fronts and the need to develop privacy guidelines in IEEE 802 has been identified as one new area for collaboration between the two organizations. –A) This project will describe the privacy threats applicable to IEEE 802 technologies and will provide recommendations for IEEE 802 protocol developers and implementers to provide privacy in Link Layer technologies. –B) This document will provide recommendations on how to consider privacy as part of protocol design and how to inform readers and implementers of protocol specifications about privacy issues.

7. privecsg-15-0004-00-0000 7 Stakeholders Developers, providers, and users of services, content and equipment for wired and wireless network connectivity. This includes software developers, networking IC developers, bridge and NIC vendors, service providers and users.

8. privecsg-15-0004-00-0000 8 Possible Registration Activity This project does not envision any registration activity.

9. privecsg-15-0004-00-0000 9 Managed Objects Describe the plan for developing a definition of managed objects. The plan shall specify one of the following: –a) The definitions will be part of this project. –b) The definitions will be part of a different project and provide the plan for that project or anticipated future project. –c) The definitions will not be developed and explain why such definitions are not needed. c) This is a recommended practice document that does not specify any parameters, so it has no managed objects.

10. privecsg-15-0004-00-0000 10 Coexistence A WG proposing a wireless project shall demonstrate coexistence through the preparation of a Coexistence Assurance (CA) document unless it is not applicable. –a) Will the WG create a CA document as part of the WG balloting process as described in Clause 13? (yes/no) –b) If not, explain why the CA document is not applicable. A CA document is not applicable because this project does not use wireless spectrum.

11. privecsg-15-0004-00-0000 11 Broad Market Potential Each proposed IEEE 802 LMSC standard shall have broad market potential. At a minimum, address the following areas: –a) Broad sets of applicability. –b) Multiple vendors and numerous users. The wired and wireless Internet industries are experiencing unprecedented growth. New social networks and applications are being used across multiple networks and devices. These developments bring enormous economic and social value to individuals and to society as a whole. Users are increasingly aware of privacy issues. According to GSMA (Mobile Privacy Principles), “A critical factor for the sustainable development of this eco-system is a robust and effective framework for the protection of privacy, where users can continue to have confidence and trust in Internet technologies, applications and services.” Privacy has also been identified as a key feature for Internet service providers, network providers and device manufacturers, as recent industry announcements show. Most Internet connections make use of a technology developed in IEEE 802 (e.g. IEEE 802.3, 802.1 and 802.11), and some companies have already started implementing privacy features on top of IEEE 802 protocols. Providing privacy features is already seen as a business advantage. This recommendation will mitigate the risk of privacy threats on IEEE 802 technologies and will foster continued growth of deployment of IEEE 802 technologies for communication devices.

12. privecsg-15-0004-00-0000 12 Compatibility Each proposed IEEE 802 LMSC standard should be in conformance with IEEE Std 802, IEEE 802.1AC, and IEEE 802.1Q. If any variances in conformance emerge, they shall be thoroughly disclosed and reviewed with IEEE 802.1 WG prior to submitting a PAR to the Sponsor. –a) Will the proposed standard comply with IEEE Std 802, IEEE Std 802.1AC and IEEE Std 802.1Q? –b) If the answer to a) is no, supply the response from the IEEE 802.1 WG. –The review and response is not required if the proposed standard is an amendment or revision to an existing standard for which it has been previously determined that compliance with the above IEEE 802 standards is not possible. In this case, the CSD statement shall state that this is the case. a) Yes.

13. privecsg-15-0004-00-0000 13 Distinct Identity Each proposed IEEE 802 LMSC standard shall provide evidence of a distinct identity. Identify standards and standards projects with similar scopes and for each one describe why the proposed project is substantially different. There is no other standard that defines a privacy threat model and recommended practice for IEEE 802 protocols.

14. privecsg-15-0004-00-0000 14 Technical Feasibility Each proposed IEEE 802 LMSC standard shall provide evidence that the project is technically feasible within the time frame of the project. At a minimum, address the following items to demonstrate technical feasibility: –a) Demonstrated system feasibility. –b) Proven similar technology via testing, modeling, simulation, etc. The recommended practice will define high level [guidelines] that can be followed by protocol designers and implementers to ensure privacy is provided. Hence, no specific technical changes will be specified. [However, some experiments have been carried out and technical reports of these experiments can/will be provided.]

15. privecsg-15-0004-00-0000 15 Economic Feasibility Each proposed IEEE 802 LMSC standard shall provide evidence of economic feasibility. Demonstrate, as far as can reasonably be estimated, the economic feasibility of the proposed project for its intended applications. Among the areas that may be addressed in the cost for performance analysis are the following: –a) Balanced costs (infrastructure versus attached stations). –b) Known cost factors. –c) Consideration of installation costs. –d) Consideration of operational costs (e.g., energy consumption). –e) Other areas, as appropriate. Mitigation techniques for privacy threats are mainly software-based solutions, which have a minimal impact on the cost of the devices.