- From: Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
- Date: Wed, 3 Oct 2018 12:00:03 +0200
- To: Jason Novak <jnovak@apple.com>
- Cc: Nick Doty <npdoty@ischool.berkeley.edu>, public-2018-permissions-ws@w3.org
- Message-ID: <CAC1M5qpMuym-BnB3hutNAWxmwEAE5J73pXDL_A93xQc8B9XXjg@mail.gmail.com>
Hi, The TAG questionnaire (including with my update) has something similar. That said, it is not strictly a privacy question, so including it explicitly muddles this focus. śr., 3 paź 2018 o 09:35 Jason A. Novak <jnovak@apple.com> napisał(a): > One element of the conversation at the permissions workshop was, roughly > ‘Just because we can add a feature to the web platform, should we, > particularly if it needs to be gated on a permission? Does the benefit > outweigh the risk / annoyance to the user / cognitive load?”. While the > exact words would need to be refined, I think that there’s a good question > there that is worth considering adding to the PING questionnaire; I have a > variant of it in discussion with some folks in PING now. > > On Oct 3, 2018, at 12:23 AM, Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com> > wrote: > > > > wt., 2 paź 2018 o 23:53 Nick Doty <npdoty@ischool.berkeley.edu> > napisał(a): > >> Hi Lukasz, >> >> On Oct 2, 2018, at 12:06 AM, Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com> >> wrote: >> >> One question: who is to ultimately decide/etc as to whether a permission >> is justified and/or makes sense? Consensus? Permissions WG? TAG? A >> dedicated 'elders of permissions' group? >> >> >> I wasn't envisioning any new enforcement/decision-making mechanisms with >> this guide. If there is general agreement on these questions or this >> approach, then I think it could come up during TAG review, or PING (Privacy >> Interest Group) review, or better yet, be considered by >> implementers/feature designers before getting to those review stages. >> > > That's what I think, PING+TAG may be enough. But again, implementors > should be included as well (and the major ones are currently, at least in > the TAG). > > >> >> That being said, there was the suggestion at this meeting that other >> stakeholders could play a role. For example, civil society groups like >> Consumer Reports might evaluate browsers or web sites in how they handle >> permissions and having a common rubric might make those evaluations viable >> or more effective. Or researchers can keep track of where the system is >> falling short. >> > > ...but on the other hand, PING+TAG would be a bit confined, so not clear > how to meaningfully manage 'engagement'. Thinking of it, such edge-cases > might be rare. But if there many be any, I would not feel comfortable not > thinking of this in advance. Alternatively, to simplify: designate a task > force composed out of TAG/PING members, so people know where to "call" (but > then - how to actually contact is a separate issue). > > I think we should not exclude the possible evolution on the permissions > front (both their meaning, potential expansion, and so). > > Kind regards > Lukasz > > >> >
Received on Wednesday, 3 October 2018 10:00:21 UTC