toni_user: rough consensus, calibrated to circumstances, that is.
toni_user: i think that privacy should be something like that too.
toni_user: rough
toni_user: and calibrated to circumenstances.
ben_geer: yes
ben_geer: but how?
toni_user: through some form, that's for sure.
ben_geer: "Calibrated to circumstance" can mean "whatever anyone thinks at any given moment".
toni_user: defined form, one that defines flexibilites and links them with political values,
 like the rest of the charter.
toni_user: not, not at all.
ben_geer: What's needed is a way to prevent it from meaning "We can keep anything we want
 secret just by claiming that it's necessary in the present circumstances."
toni_user: no, no. privacy is an exception.
toni_user: openness is by default.
toni_user: it can only work that way.
ben_geer: There are governments that have been operating in a "state of emergency"
 (i.e. exception) for 40 years.
toni_user: yes, the criteria and process remain.
toni_user: true.
toni_user: but our privacy mediator would refute the need for it.
ben_geer: Yes.
toni_user: if not, org can demand different mediator
toni_user: if the trust is lost
ben_geer: But then what does "calibrated to circumstances" mean?
toni_user: or coruption suspected.
ben_geer: How does it help the privacy mediator decide what to do?
toni_user: i can think of some circumstances, but they're impossible to justify 
when in terms to the basic political value of being able to influence
toni_user: decisions that influence you.
toni_user: since, if an openorg starts to hide a lot
toni_user: it reduces ability of other orgs and indivudals
ben_geer: (Another example: the UK government has opted out of the EU Charter of
 Fundamental Rights, on the grounds that the threat of terrorism represents an 
exceptional circumstance, so that it can detain suspects indefinitely without 
charges and without trial.  This is being challenged in the European Court of Justice.)
toni_user: to make a judgment
toni_user: as to how much would they be influenced by what openorg that hides does.
ben_geer: I think people should agree that there are some principles that are *never*
 worth violating, no matter what the circumstances.  "Exceptional circumstances" are 
very often used to justify attempts to seize more power or hide unacceptable actions.
ben_geer: That's the argument used by the US judge that has recently ruled that the 
Guantanamo Bay military trials are not adequate.
ben_geer: She said that the right to a trial in which you can hear the evidence against you,
 and have access to a lawyer, should never be given up, no matter what the circumstances.

ben_geer: maybe we need a list of reasons why privacy can be justified.  We have a couple
 in the charter, maybe it needs a more complete list for the framework.
ben_geer: And maybe we also need a list of things that cannot be kept secret in any circumstances.
ben_geer: That would help the privacy mediator do her job.
ben_geer: We should also say something about a commonly used category, "Need to Know". 
 In governments and the military, some knowledge is made accessible on a "need to know" 
basis, i.e. if you can prove you need to know it.  It doesn't sound like a good idea to me, 
but we should probably say something about it.
toni_user: are we not reversing the NTK principles.
toni_user: are we not saying NTNKT? need to not know, temorary.
toni_user: otherwise, anyone can know what they want to know.
ben_geer: Yes.
toni_user: even when pricacy is excersized, it is temporary measuer for a proposal to surface.
ben_geer: But the basis of the NTK principle is that it's not generally possible to say, 
"Everyone should be able to know this except John."  Because if everyone else knows it, 
someone will tell John.
ben_geer: So the NTK principle is a kind of compromise: we don't want John to know,
 so we'll allow people to know if we think they need to, and if we think they won't tell John.
toni_user: we don't have "except" anywhere in our framework. do we?
ben_geer: no
toni_user: hm
toni_user: i can understand NTK in terms of passwords, for example.
toni_user: or nuclear reactor access codes
ben_geer: The grey area is military operations.
ben_geer: The general public should be able to know what the military is doing, 
because armies often do nasty things when they're not supervised.
toni_user: but that does not say "except", it says "some people must know in order to keep
 some service running, or to perform some needed social function", if anyone else knowns, 
it posses risk to society too large to accept.
ben_geer: But you don't want the enemy to know what the army is doing.
toni_user: now, what is that risk? how does one defines risk. and acceptable to whome? 
ben_geer: Yes, that's the problem.  Because if you have a public debate about the risk,
 you've already revealed the secret.
ben_geer: (E.g. the US doing covert operations in Iran.)
ben_geer: But that's what the privacy mediator is for.  I think it's a great idea.
ben_geer: I think we should make a list of things that people might want to keep secret, 
and see how they fit with political principles, and then produce some guidelines for privacy mediators.
ben_geer: When secrecy is OK, when NTK is better, when public knowledge is necessary.
toni_user: sounds good to me.
toni_user: we need a privacyMediator-dev page on wiki.
ben_geer: yes
toni_user: stick those ideas there.