W3C home > Mailing lists > Public > public-dap-commits@w3.org > July 2011

2009/dap/privacy-practices Overview.html,1.8,1.9

From: Frederick Hirsch via cvs-syncmail <cvsmail@w3.org>
Date: Wed, 13 Jul 2011 18:05:07 +0000
To: public-dap-commits@w3.org
Message-Id: <E1Qh3o3-0004YR-5n@lionel-hutz.w3.org>
Update of /sources/public/2009/dap/privacy-practices
In directory hutz:/tmp/cvs-serv17493

Modified Files:
	Overview.html 
Log Message:
reworking in consideration of comments from Dom


Index: Overview.html
===================================================================
RCS file: /sources/public/2009/dap/privacy-practices/Overview.html,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- Overview.html	6 Jul 2011 19:24:22 -0000	1.8
+++ Overview.html	13 Jul 2011 18:05:05 -0000	1.9
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
   <head>
-    <title>Device API Privacy Best Practices for Services</title>
+    <title>Privacy Best Practices for Service Providers</title>
     <meta http-equiv='Content-Type' content='text/html;charset=utf-8' />
     <script src='../ReSpec.js/js/respec.js' class='remove'></script>
     <script class='remove'>
@@ -24,8 +24,9 @@
   </head>
   <body>
     <section id='abstract'>
-      This document describes privacy best practices relevant to device
-      APIs for web services.
+      This document describes privacy best practices for service
+      providers, including those that might use device
+      APIs.
     </section> <!-- abstract -->
 
     <section id='sotd'>
@@ -38,28 +39,41 @@
     <section id='introduction'>
       <h2>Introduction</h2>
       <p>
-        This document outlines good privacy practices for implementers
-        of web services that use 
-        device APIs. It is a companion to the privacy principles and
+        This document outlines good privacy practices for service
+        providers, including those that might use
+        device APIs. It does not repeat the privacy principles and
         requirements documented in the Device API Privacy Requirements Note
-        [[DAP-PRIVACY-REQS]].
+        [[DAP-PRIVACY-REQS]] which should also be consulted.
       </p>
     </section>
-    <section id="generalprinciples">
-      <h2>General Principles</h2>
-      <section id="privacybydesign">
+    <section id="privacybydesign">
       <h3>Privacy By Design</h3>
-      <p>Privacy should be a default mode of operation, including the
-      concepts of considering from the beginning of design and
-      implementation, making privacy the default, and reflect other
-      principles of "privacy by design" [[PRIVACY-BY-DESIGN]].</p>
+      <p>
+The principles of "Privacy by Design" should be reflected in the
+service design and implementation, including the use of device APIs.
+These are enumerated below and in more detail in the reference
+[[PRIVACY-BY-DESIGN]].</p> 
             <div class="practice">
                <p><a id="bp-privacy-by-design"></a><span
-               class="practicelab">Consider privacy as part of design</span></p>
+               class="practicelab">Follow "Privacy By Design" principles</span></p>
                <p class="practicedesc">
-                 Consider privacy when designing a service at the very
-                 beginning and the principles outlined in "Privacy by Design". 
+                 Proactively consider privacy, make preservation of
+                 privacy the default, including privacy in a
+                 user-centric and transparent design without making
+                 tradeoffs against privacy for other features as
+                 privacy is possible along with other functionality.
                </p>
+<p>These principles include the following:
+<ol>
+<li>Proactive not Reactive; Preventative not Remedial</li>
+<li>Privacy as the Default Setting</li>
+<li>Privacy Embedded into Design</li>
+<li> Full Functionality — Positive-Sum, not Zero-Sum</li>
+<li>End-to-End Security — Full Lifecycle Protection</li>
+<li>Visibility and Transparency — Keep it Open</li>
+<li>Respect for User Privacy — Keep it User-Centric</li>
+</ol></p>
+
             </div>
       </section>
       <section id="usercentric">
@@ -67,7 +81,7 @@
       <p>Privacy should be user centric.</p>
             <div class="practice">
                <p><a id="bp-user-driven"></a><span
-               class="practicelab">The user should drive decisions
+               class="practicelab">Enable the user to decisions
                that affect their privacy within the context of the service</span></p>
                <p class="practicedesc">
                  The end user should know the privacy implications of
@@ -79,8 +93,8 @@
             </div>
             <div class="practice">
                <p><a id="bp-choices-in-context"></a><span
-               class="practicelab">User decisions should be made in
-               context at the time of an operation requiring a
+               class="practicelab">Enable the user to make decisions in
+               context at the time of an operation requiring the
                decision.</span></p> 
                <p class="practicedesc">
                  User decisions work well when the user  makes the
@@ -113,9 +127,8 @@
             </div>
             <div class="practice">
                <p><a id="bp-sp-choices"></a><span
-               class="practicelab">A service provider should have the
-               opportunity to know a user privacy decision and respond
-               to it.
+               class="practicelab">Attempt to learn  user privacy
+               decisions and  respond to them.
                </span></p> 
                <p class="practicedesc">
                  Knowing the privacy preferences of a user in a given
@@ -128,7 +141,8 @@
             </div>
             <div class="practice">
                <p><a id="bp-usability"></a><span
-               class="practicelab">User centric design requires usability.
+               class="practicelab">Create a service that enables user
+               choices and control by making it usable
                </span></p> 
                <p class="practicedesc">
                  Minimal user interface interaction should be required
@@ -137,31 +151,24 @@
                  [[GEOLOCATION-PRIVACY]].  
                </p>
             </div>
-      </section>
-    </section>
-      <section id="transparency">
-      <h2>Transparency</h2>
-        <p>Services should be clear and transparent to users regarding
-          potential privacy concerns.</p>
             <div class="practice">
                <p><a id="bp-clarity"></a><span
-               class="practicelab">Clarify where collected information
-               is shared, especially when 3rd party services are
-               involved in a "mashup".
+               class="practicelab">Be clear and
+               transparent to users regarding 
+                   potential privacy concerns.
                </span></p>
                <p class="practicedesc">
                  The end user should know if information is being used
                  by the service itself or being shared with a third
-                 party, for example a location provider.
+                 party, especially when 3rd party services are
+               involved in a "mashup".
                </p>
             </div>
-  
-        <p>
-        </p>
             <div class="practice">
                <p><a id="bp-clarify-one-shot-or-repeated"></a><span
-               class="practicelab">Services should be clear as to whether information is
-          needed on a one-time basis or is necessary for a period of time and whether data retention is required.
+               class="practicelab">Be clear as to whether information is
+          needed on a one-time basis or is necessary for a period of
+               time and whether data retention is required. 
                </span></p>
                <p class="practicedesc">
                  The end user should know if how collected information
@@ -169,16 +176,19 @@
                </p>
             </div>
     </section>
+    </section>
     <section id="data-minimization">
-      <h2>Minimizing Data</h2> 
+      <h2>Minimize collection and
+transmission of personal data</h2> 
     <section id="minimization-considerations">
-      <p>Review the data and how it is structured and used, minimizing what is required to provide a service.
+      <p>Review the data and how it is structured and used, minimizing
+      the amount and detail of data required to provide a service.
       </p>
             <div class="practice">
                <p><a id="bp-data-granularity"></a><span
-               class="practicelab">Review the granularity of the data
-               and attempt to provide minimal data at the "natural"
-               granularity.</span></p> 
+               class="practicelab">Request the minimum number of data
+               items at the 
+               minimum level of detail needed to provide a service.</span></p> 
                <p class="practicedesc">
                  As an example, an address book record is not the
                  natural level of granularity as a user may wish to
@@ -192,9 +202,9 @@
             <div class="practice">
                <p><a id="bp-data-retention"></a><span
                class="practicelab">
-               Consider ramifications of data re-use over time, and review what minimum data 
-               needs to be retained, and for how long.
-               Consider potential misuses of the data and
+Retain the minimum amount of data at the minimum level of detail for
+               the minimum amount of time needed.
+               Consider potential misuses of retained data and
                possible countermeasures.
                </span></p> 
                <p class="practicedesc">
@@ -210,6 +220,32 @@
             </div>
     </section>
     </section>
+    <section id="data-confidentiality">
+      <h2>Maintain the confidentiality of personal data</h2> 
+            <div class="practice">
+               <p><a id="bp-use-https"></a><span
+               class="practicelab">
+               Maintain the confidentiality of user data in
+               transmission, for example using HTTPS for
+               transport rather than HTTP.
+               </span></p> 
+               <p class="practicedesc">
+                 Use of HTTPS can provide confidentiality of personal data in
+                 transport when an appropriate cipher suite is
+                 required.  This should be done unless an alternative
+                 means of transport confidentiality is provided. </p> 
+            <div class="practice">
+               <p><a id="bp-secure-storage"></a><span
+               class="practicelab">
+               Maintain the confidentiality of user data in
+               storage.
+               </span></p> 
+               <p class="practicedesc">
+                 Store data in encrypted form or take other means to protect
+                 confidentiality of data in storage, even in the event
+                 of a security 
+                 breakin of the server.
+               </p> 
   </body>
 </html>
 
Received on Wednesday, 13 July 2011 18:05:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 13 July 2011 18:05:09 GMT