Re: 答复: comments of Network Information API from Niklas Widell on 2012-03-30 (public-device-apis@w3.org from March 2012)

From: Niklas Widell <niklas.widell@ericsson.com>
Date: Fri, 30 Mar 2012 13:01:36 +0200
To: "SULLIVAN, BRYAN L" <bs3131@att.com>, Mounir Lamouri <mounir@lamouri.fr>, Public-Device-Apis <public-device-apis@w3.org>
Message-ID: <CB9B5D92.5A0F%niklas.widell@ericsson.com>

Yes, but definitely to different degrees. I think "Joe the average user"
might understand that geoloc is something that might be sensitive, while
for e.g. Taking informed decision on exposing network type probably would
confuse even "Jane the advanced and knowledgeable user". In fact that is
probably the biggest issue with prompting that it cannot express degrees
of risk. 

Best regards
Niklas

On 2012-03-29 08:53, "SULLIVAN, BRYAN L" <bs3131@att.com> wrote:

>Couldn't that be said for almost any action in which the user is expected
>to give their (presumably) informed consent? How is this different from
>GeoLoc or even the interaction with button/input elements etc which bring
>up file requesters, etc? Won't users that just blow through their
>browsing choices always subject themselves to risky outcomes, regardless
>of the API/markup context that prompted a dialog?
>
>I believe that most fingerprinting occurs anyway without any user
>interaction or awareness, and unless we are to strip the Web of any
>richness or APIs (want to go back to Lynx, anyone?), fingerprinting will
>always be an issue, but one that is driven also by user choice - that of
>which sites they visit.
>
>Thanks,
>Bryan Sullivan
>
>-----Original Message-----
>From: Niklas Widell [mailto:niklas.widell@ericsson.com]
>Sent: Wednesday, March 28, 2012 11:43 PM
>To: SULLIVAN, BRYAN L; Mounir Lamouri; Public-Device-Apis
>Subject: Re: 答复: comments of Network Information API
>
>I think the prompt would only give a false sense of security, a typical
>would user would not understand the fingerprinting issue and would just
>click ok ("who could do something bad with info about my connectivity?").
>
>Best regards,
>Niklas Widell
>
>On 2012-03-29 07:38, "SULLIVAN, BRYAN L" <bs3131@att.com> wrote:
>
>>I would support a requirement to obtain user permission to access this
>>API, if we were able to get the type attribute back, and get beyond these
>>privacy concerns.
>>
>>Thanks,
>>Bryan Sullivan
>>
>

Received on Friday, 30 March 2012 11:01:58 UTC