Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: Persona and Prism

Bernard Tyers - ei8fdb ei8fdb at ei8fdb.org
Sat Jun 8 18:53:07 PDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

While not as big a player in the identity area as others, below is Mozilla's Identity group response to a question about legal (or otherwise) requests.


Begin forwarded message:

> From: Melvin Carvalho <melvincarvalho at gmail.com>
> Date: 8 June 2013 15:11:44 GMT+01:00
> To: Ben Adida <ben at adida.net>
> Cc: "dev-identity at lists.mozilla.org" <dev-identity at lists.mozilla.org>
> Subject: Re: Persona and Prism
> 
> On 7 June 2013 19:43, Ben Adida <ben at adida.net> wrote:
> 
>> 
>> Melvin,
>> 
>> Would it be correct to say that Persona would have no option but to comply
>>> with operations such as  "Prism"?
>>> 
>> 
>> I will speak very precisely to what I know: Mozilla Persona has not been
>> the target of these kinds of inquiries to date. If we did receive
>> inquiries, we would put them through the same rigorous process we always do
>> to determine whether there is a legal requirement for us to comply.
>> 
> 
> Thanks for getting back.  It's good to know Mozilla was not part of this.
> To be fair I'm sure most people at the other firms did not want to
> sacrifice user data, but probably felt they had no choice.  It's worse that
> this happened in secret.
> 
> e.g. facebook's comment was a little scary:
> 
> *They said: “We will protect you and your information better than any other
> company in the world.”
> 
> They say: “When Facebook is asked for data or information about specific
> individuals, we carefully scrutinize any such request for compliance with
> all applicable laws, and provide information only to the extent required by
> law.”
> *
> What's concerning is that if Persona gains in popularity, it may become
> more of a target.
> 
> 
>> 
>> It helps that we've designed the protocol to limit the data we collect
>> (without compromising our use cases, a sweet spot.)
>> 
> 
> I think this is the way to go.  I'd still like to see a "zero knowledge"
> option, but perhaps that's something for the future.
> 
> 
>> 
>> -Ben
>> 
>> 
> _______________________________________________
> dev-identity mailing list
> dev-identity at lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-identity

- --------------------------------------
Bernard / bluboxthief / ei8fdb

IO91XM / www.ei8fdb.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJRs+AEAAoJENsz1IO7MIrrjTYH+gIR/bxG4r7tU1mCPZF/YBLm
mUO91zBMZHMBynwjRYRwRY8K/u37pvNafA8eAYttAnB7EzxDi8GbDO51fQmnov2l
tF8NqBzx38Y8+G1OQRj6CacLSCRe7Wad37lDq9Gs6UnkZ7VnckxxvHmBwYBwySc4
0/pK0Kitdi/ifTth2S89EzyoZvcK3j8XQfHugvvO1zJCFq0WXOBeREgj3Y9Ma/ps
xxjZ621rLh8nPNNhEGcvxDQObpYuJ+rcn77U1Sw4vvh322wBZeWy+1hVKs/wzsir
Y0MdlYNAgTNM81D8AADx/LSUQzAi9uki1xAUfhRG8pQ78IIpEnmoIMggAhyGuOo=
=kMbG
-----END PGP SIGNATURE-----



More information about the liberationtech mailing list