Privacy Policy

NetSage Network Data Privacy Policy
October 1, 2020

I. Introduction

NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to address the needs of today's research and education networks and archives. Modern science is increasingly data-driven and collaborative in nature, producing petabytes of data that can be shared by tens to thousands of scientists all over the world. NetSage is a partnership between Indiana University, University of California Davis, Lawrence Berkeley National Laboratory, and University of Hawaii Mānoa, and is funded by the US National Science Foundation (#1540933)

NetSage was originally funded by the NSF’s international networks program to better understand the use of the funded backbone networks and exchange points. In much the same way as other large-scale NSF facilities track their end users, NetSage was created to understand the use of the networks. The XSEDE (https://www.xsede.org/) high performance computing platform tracks end users by institution, science domain, and project, as does the Open Science Grid computing consortium (https://www.opensciencegrid.org/). NCAR/UCAR (https://library.ucar.edu/) track the use of their data resources in similar ways.

The primary interest of the NetSage project is to understand and visualize large data flows associated with research, education, and science projects. The data that is collected from the Partner Hosting Sites, generally operators of regional networks. The data is de-identified and used to understand the data transfer behaviors for large flows shared between research and education institutions. 

 

NetSage’s data privacy policy strives to balance the privacy interests of users whose data transits the networks that NetSage monitors, the operational needs of the Partner Hosting Sites, and the need to demonstrate the broader benefit of the resources to their owners, operators, and funders. We are committed to protecting privacy and informing interested parties about our policies and practices.

II. Scope of this Policy

This policy identifies:

  • The information NetSage collects about data transferred by its infrastructure;

  • The ways in which this information may be used and disclosed to third parties; and

  • The security measures adopted to prevent unauthorized access to this information. 

III. What Information Is Collected?

NetSage captures and collects active networking data (for example, latency and throughput from a tool such as perfSONAR) and passive network metadata (for example, SNMP and flow data). This data may consist of packet headers in addition to performance data, but will never contain payload data from flows. Data sets are de-identified before being stored.  Partner Hosting Site participants may choose to release additional data unrelated to NetSage, however that data is not part of this policy.

IV. Disclosure of Data

NetSage is the steward of all the network data it collects. NetSage, at the direction of the NetSage Director, may share network data under the following circumstances:

  1. NetSage plans to make summaries of de-identified Partner Hosting Site network traffic data public on the NetSage portal (for example, http://portal.netsage.global for the NSF-funded international networks).

  2. Upon request, Hosting Site Owners can have access to the full, de-identified data sets for their site.

 

Archived data is not shared with third parties unless the Hosting Site Owner requests it.

V. How Data Is Collected, Retained, and Protected

All de-identified network data is managed under the control of NetSage project members authorized by the NetSage Director.

 

NetSage takes appropriate steps to protect collected network data from unauthorized access or disclosure.  Additionally, NetSage employs industry standard security measures to protect against the disclosure, loss, misuse, and alteration of the information under our control.

VI. Notice for Updates and Changes to Policy

This document is derived from ESnet’s privacy policy (available at https://www.es.net/about/governance/data-privacy-policy/ ), which itself is derived from the Internet2’s policy on privacy of network flow data (available at http://www.internet2.edu/policies/network-flow-data-privacy-policy/ ). NetSage reserves the right to update this privacy policy at any time to reflect changes in the manner in which it deals with traffic, whether to comply with applicable regulations and self-regulatory standards, or otherwise. The Privacy Policy posted online at https://www.netsage.global/netsage-privacy-policy will always be current. We encourage you to review this statement regularly.

VII. Who to Contact if You Have Questions

If you have any questions about this privacy policy, please contact Dr. Jennifer M. Schopf, the Director of the NetSage project, at jmschopf@iu.edu.

VIII. Glossary

Networking data: Active — Network data collected using tools such as perfSONAR

 

Networking data: Passive — Network traffic data, such as netflow or sFlow data, or data collected using passive monitoring tools such as Tstat

 

Partner Hosting Site — For the NSF-funded international networks, Partner Hosting Sites (and their Owners) include AmLight (Ibarra), TransPAC4 (Schopf), PIREN (Lassner), StarLight (Mambretti), AmPATH (Ibarra), and the PacificWave Exchange (Fox).

 

Partner Hosting Site Owners — Verified contact points for the Partner Hosting Sites

IX. Relevant Links

The NetSage Privacy Policy is available at: http://www.netsage.global/home/netsage-privacy-policy

© NETSAGE 2019