welcome: please sign in

The following 420 words could not be found in the dictionary of 7 words (including 7 LocalSpellingWords) and are highlighted below:
above   access   accessed   accessible   accessibly   accidentally   act   action   actions   actively   activity   actual   administration   administrator   administrators   advancing   after   against   agency   agent   agents   Aggregate   all   All   an   An   and   another   Anti   Any   any   anyone   appropriate   are   as   assist   assistance   attempt   authorized   avoided   aware   backups   bandwidth   be   becomes   been   board   bodily   breaches   broad   bug   but   by   can   cannot   carrying   case   central   circumstance   circumstances   circumvent   civil   code   communicate   communications   compliance   comply   conclusion   conducting   confidential   confidentiality   Congress   construed   content   contractor   contracts   contrary   controlling   controls   Coop   cooperating   cooperation   cooperative   corporate   corporation   court   crime   criminal   data   dealing   death   defect   described   destination   diagnose   direct   director   directors   disclose   disclosed   disclosing   disclosure   dispute   does   doing   Draft   due   duties   economic   either   element   employment   enacted   encountering   enforce   enforcement   ensure   error   even   example   except   executive   exist   expansive   expectations   expedite   exploit   expulsion   extend   extent   facilitate   facilitators   failed   failure   find   fix   following   For   for   forbidden   forbidding   from   full   furtherance   given   goverment   government   grant   greater   grounds   hardware   harm   has   have   here   how   However   if   If   illegal   illegality   immunities   immunity   impose   in   inaccessible   Inc   include   includes   including   incorrect   indicate   indicates   individual   inferring   information   initiate   injury   instance   instead   intended   intercept   interest   internally   investigation   investigations   involves   is   it   It   its   jurisdiction   law   lawful   lawfully   laws   legal   legislation   liability   likelihood   limited   limits   list   longer   made   mailed   mailing   maintain   maintained   Maintaining   make   making   material   matter   may   means   member   members   Members   membership   more   must   national   nature   necessary   need   network   networks   No   no   non   nontrivial   not   Nothing   Notice   notice   notified   notify   obvious   obviously   of   officer   official   on   one   only   operation   or   order   ordinarily   ordinary   other   otherwise   out   overbearing   overbroad   own   owner   owns   particular   party   Pennsylvania   people   performance   permissible   permission   permissions   permitted   person   persons   policies   policy   possible   powers   preceding   presence   pressure   presumed   presumption   prevent   prevention   Privacy   privacy   probe   Probing   problems   prominently   protected   protection   provide   Provision   provisions   public   published   punishable   purpose   purposes   putative   question   realized   reasonable   reasonably   rebutted   regardless   regulations   relates   relevant   reliable   remedy   removal   requests   required   resignation   Resolved   respected   responding   responsible   restitution   restrict   routine   running   search   section   sections   secured   security   seek   serious   service   services   setting   settings   shall   Should   should   single   so   software   some   soon   source   sources   spam   special   specifically   staff   States   statistics   status   still   stop   storage   Stored   stored   strong   subpoena   such   Such   surveillance   suspect   system   System   systems   technical   termination   terms   than   that   The   the   their   then   therefore   they   They   third   this   This   those   through   time   to   transmissions   transmitting   treated   tribunal   trivial   two   type   Unauthorized   unauthorized   under   United   unless   unrelated   use   users   using   valid   view   violating   Violation   Violations   voluntary   vulnerabilities   vulnerability   was   website   well   what   when   Whenever   where   Whereas   which   who   will   with   within   would  

Clear message
Edit

DraftPrivacyPolicy

Draft policies.

1. Anti-FISA

Whereas, the executive administration of the United States and the United States Congress have been advancing legislation that would grant expansive surveillance powers to law enforcement, and provide broad immunities to facilitators of illegal government surveillance, and,

Whereas, the members of HCoop, Inc., have a strong privacy interest in their data and communications, and a special need for the protection of this privacy against the pressure of illegal, overbroad, and overbearing government surveillance, therefore, be it

Resolved, that the following be enacted as an official policy of HCoop, Inc.:

1. No member, director, officer, system administrator, staff, agent, or contractor of the corporation shall assist any law enforcement, any agency of the government of the United States, or any other third party in conducting surveillance or other investigation of the corporation’s members or of confidential data or transmissions on the corporation’s hardware or networks when doing so is contrary to the laws or regulations of the United States, Pennsylvania, or any other controlling jurisdiction.

2. Any director, officer, system administrator, staff, agent, or contractor of the corporation who becomes aware of illegal surveillance or investigation by any government agency of the type described in the preceding section must, to the extent permitted by law, make full disclosure of such activity to all members of the board of the corporation. If such disclosure is not lawfully permitted, then such person must, if possible, make reasonable lawful disclosure to another government agency, other than the agency or agents conducting the illegal activity, in order to stop the illegality.

3. Such assistance is forbidden and such disclosure is required regardless of any grant of immunity from civil or criminal liability, either for the individual or for the corporation, and regardless of the source of any such immunity.

4. Such assistance is forbidden and such disclosure is required regardless of any putative purpose for such surveillance or investigation, including, but not limited to, investigation or prevention of any crime, economic harm, serious bodily injury or death, or breaches of national security.

5. Provision of such assistance as in section 1 or failure to disclose as required in section 2 is grounds for termination of membership, employment, and contracts, and removal of directors from the board.

6. No member, director, officer, system administrator, staff, agent, or contractor of the corporation shall use HCoop services for criminal purposes.

7. The corporation shall seek to impose terms in all relevant contracts to enforce the provisions of this policy.

8. Nothing in the terms of this policy shall be construed to prevent anyone from lawfully cooperating with a government agency to expedite the lawful carrying out of any government investigation, where otherwise permitted by corporate policies or 18 U.S.C 2702(b) & (c).

2. Privacy

Whereas, the members of HCoop, Inc., have a strong privacy interest in their data and communications, and,

Whereas, some access to such data may be required internally by the corporation to ensure the reliable operation of its services and compliance with its policies, or to comply with the law or assist in lawful government investigations, and,

Whereas, members and staff of the corporation need notice of what privacy expectations will respected and what actions are permissible by staff, therefore, be it

Resolved, that the following be enacted as an official policy of HCoop, Inc.:

1. Members are responsible for setting appropriate permissions to restrict access to their stored data.

2. All network transmissions, regardless of source, destination, or content are confidential. Aggregate statistics of network transmissions are public.

3. Stored information that is ordinarily inaccessible to ordinary users is to be treated as confidential. Aggregate statistics of stored data are public.

4. Stored information that is ordinarily accessible to ordinary users is presumed to be public. This does not include material that is accessible to ordinary users who actively circumvent software or hardware controls due to some bug, vulnerability, or other defect, no matter how trivial the exploit or how obvious the vulnerability.

5. The presumption of the above section may be rebutted when the circumstances indicate that data was intended to be protected and confidentiality may still be maintained. For instance, obviously confidential stored data of one member accessible to other ordinary system users due to incorrect permission settings should be treated as confidential as soon as this is realized. Notice should be given to the owner of the data so that it can be secured. However, the presumption may not be rebutted if the information is published so prominently and accessibly that it is no longer possible to maintain its confidentiality. An example would be information accidentally mailed to a mailing list, published prominently on a website, or otherwise actively made public by the owner’s own error.

6. Unauthorized persons may not access or intercept confidential data of any other member or of the corporation.

7. Unauthorized persons may not probe for or attempt to exploit any security vulnerability in the corporation’s systems. “Probinghere means running code or transmitting data to search for particular vulnerabilities. It does not extend to inferring the presence of vulnerabilities from public sources of system information. Should any unauthorized member suspect or find that a vulnerability may exist, they must not attempt to diagnose, exploit, or fix it, but instead should notify a system administrator, officer, or authorized agent of the corporation.

8. Violation of sections 6 and 7 is grounds for expulsion of the member in question.

9. System administrators and other authorized agents of the corporation may access confidential data to the extent necessary to maintain the system. They may not communicate this data to any other person, except to other authorized persons only to the extent necessary to maintain the system. Maintaining the systemincludes, but is not limited to, making backups, responding to member service requests, dealing with performance problems, and so on. The member who owns the confidential data need not be notified unless two or more people have accessed nontrivial confidential data, in which case the owner must be notified within a reasonable time after the data has been accessed.

10. System administrators and other authorized agents of the corporation may view confidential data to the extent necessary to enforce the corporation’s policies. This includes technical policies such as bandwidth and storage limits, as well as policies such as those forbidding spam. Any non-routine or expansive investigation under this section must be specifically authorized by the board of directors. The member who owns the confidential data must be notified within a reasonable time of the investigation’s conclusion, unless only trivial confidential data has been accessed by a single authorized person in a routine investigation.

11. The board of directors of the corporation may access and disclose confidential data to a government agency in cooperation with a lawful investigation to the extent permissible by law, even when not required, when the investigation either (a) involves direct use of the corporation’s services in furtherance of a central element of an illegal activity, or (b) the investigation relates to an actual serious bodily injury or death, or to the reasonable likelihood of such.

12. The board of directors of the corporation may access and disclose confidential data to a government agency when required by a lawful, valid court order or subpoena authorized by a tribunal in a controlling jurisdiction, or when such access or disclosure is otherwise required by a controlling law.

13. Any person encountering confidential data under any circumstance that indicates that a member is either violating corporate policies or using corporate services in furtherance of any illegal activity may notify the board of directors, which may initiate an investigation and disclosure to law enforcement as otherwise permitted in this policy.

14. Whenever confidential data is accessed or disclosed under sections 11 through 13, notice must be given to the extent lawfully permitted to the member within a reasonable time of the conclusion of the investigation as to the nature and extent of such access and disclosure.

15. The board of directors of the corporation may access and disclose confidential data to the extent necessary in a legal action or dispute with a member, or to facilitate the expulsion or other remedy against that member when such disclosure cannot be avoided, such as by voluntary resignation or restitution.

16. No authorized person may access or disclose confidential data for purposes unrelated to their authorized duties, or to an extent greater than reasonably necessary for the authorized purpose. Violations of this section may be punishable by termination of employment or authorized status, expulsion from the cooperative, or removal from the board of directors, as appropriate.

17. The corporation shall seek to impose terms in all relevant contracts to enforce the provisions of this policy.

18. Nothing in the terms of this policy shall be construed to prevent anyone from disclosing confidential data to a goverment agency to the extent necessary when the board has been notified and has failed to act when required by law.

DraftPrivacyPolicy (last edited 2008-07-07 04:28:17 by localhost)