8. Privacy Considerations
Several of the new properties or parameters defined by this specification allow reference to "external" URIs. Access to those URIs could be tracked, leading to loss of privacy. Clients SHOULD ensure that suitable permission is granted by calendar users before such URIs are dereferenced. In particular, calendar publishers wishing to help protect the privacy of their subscribers MUST use HTTP with Transport Layer Security [RFC7230] ("https:" URIs instead of "http:" URIs) for access to calendar data or ancillary data such as images.
In general, for their own privacy protection, users have to rely on the privacy policies of any conferencing system being accessed via the "CONFERENCE" property. It is entirely possible for such systems to uniquely identify and log the activity and participation (or lack thereof) of calendar users in the conference. Calendar user agents SHOULD track which conferencing systems are used and warn users the first time a new one is about to be used. This is particularly important if the client automatically "dials in" to the conference when the event start time occurs.
By giving different calendar users different values for the "REFRESH- INTERVAL" property, it is possible for a publisher of calendar data to uniquely identify each refresh from each calendar users' clients and thereby track user activity and IP address over time. To address this, clients SHOULD add or subtract some random amount of time from the published "REFRESH-INTERVAL" value when doing actual refreshes.
This specification changes the recommendations on how "UID" property values are constructed to minimize leaking any information that might be privacy sensitive.
Privacy considerations in [RFC5545] and [RFC5546] MUST also be adhered to.
This document was automatically converted to XHTML using an RFC to HTML converter with the original text document at the Internet Engineering Task Force web site at ietf.org . The original text document should be referred to if there are any errors or discrepancies found in this document.
Need to test your iCalendar feeds? The iCalendar Validator provides developers and testers a method to validate their iCalendar feeds, which can take data from either a URL, file or text snippet and compare it against the RFC 5545 specification. We believe we have one of the best iCalendar validation tools available on the internet. More information about the validator can be found here.