Network Privacy Notice
The Basics
Not all privacy risks apply to all users and deployments. Some users, such as those accessing web apps only, experience minimal privacy risks.
- If you received equipment to use as your internet gateway (“default route”), your internet connections pass through “Covered Infrastructure/CPE” managed by CCA.
- As with any third party managed solution, you need to be aware of the privacy risks and how they are handled.
- No networking solution can guarantee absolute security or privacy.
Important Disclosures
- The networking environment you use contains components that are considered research/experimental/training/beta environments and may have routine and exigent third party access grants.
- In general, it is impossible to guarantee absolute privacy or security.
- All networks, including this one, are subject to unauthorized access and data compromise (so-called “hacking”).
Covered Infrastructure/CPE
Your connection to the internet and other resources may include the use of:
- Firewall/routers
- Access and core switches
- Wireless access points
- Bridges/modems
- Diagnostic and monitoring equipment/software
- Servers/software
- Cameras/environmental sensors/access control/alarms
Potential Privacy Risks
- During the normal operation of the network certain logs about your activity may be stored and maintained.
- Third parties may be able to access logs.
- An improperly configured network may result in unauthorized access to certain control-related data and systems.
- As Generative AI is implemented into network technologies, it is impossible to fully know how this network’s data will be used to train the model.
Example Potential Risks
- The domain names of the websites you access are stored and viewable by others.
- The names of applications you access are highlighted in a “large bandwidth utilization” report viewable by others.
- Software designed to analyze logs can determine when you are home based upon your network traffic.
- All infrastructure is subject to compromise and unauthorized data access – no system, including this one, is fully 100% secure or private.
Sensitive Location Information
In general, your real-time and/or historical location is considered sensitive and special risks are associated with this data. These risks are caused by:
- Cameras/environmental sensors/access control/alarms that can determine your location.
For example, a camera outside can see when you enter/leave your home and interior environmental/alarm sensors can tell how long you spend in each room.
Privacy Effects
Information about your network activity may be stored and accessed.
When you access hosted applications that are a part of the infrastructure, information is logged about your session and device, including future sessions that use the same or subsequent session tokens.
There is a lesser expectation of privacy when accessing hosted applications or resources.
How your privacy is protected
Reasonable measures are taken to protect your privacy, including:
- Requiring strong, phishing resistant multifactor authentication
- Strong technical and risk management qualification required to hold “Public Trust Status” to view and modify other users’ data
- Comprehensive logging to aid in the identification and remediation of data compromise situations
- Third parties with access are expected to act in good faith
- Network technologies solely designed to identify specific user behaviors are not implemented