- From: Chaals McCathie Nevile <chaals@yandex-team.ru>
- Date: Sat, 27 Feb 2016 13:10:58 +0100
- To: "Frederick Hirsch" <w3c@fjhirsch.com>, "Lukasz Olejnik (W3C)" <lukasz.w3c@gmail.com>
- Cc: "W3C Device APIs WG" <public-device-apis@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
On Sat, 27 Feb 2016 11:31:42 +0100, Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com> wrote: > 2016-02-26 1:34 GMT+01:00 Frederick Hirsch <w3c@fjhirsch.com>: > >> I attended the Privacy Interest Group (PING) call today [1] where we >> discussed privacy aspects of the Vibration API [2]. >> Note, this threat may also be applicable to Ambient Light > This is already accounted by my larger PDF that I am making public soon > (it's already being "reviewed" ;) ). (I'd love to read that) > But basically, it's as already largely stated in the current > considerations > - that Vibration API provides input that can be read by other sensor(s). Right. > 6. Applications might want to give indications when vibration is in use. > > Definitely, there SHOULD be an option to indicate it... I don't think that's right. There is an indication that vibration is in use: the device is *moving*. So there are a couple of more interesting things: When a foregrounded page has permission for vibration, there should be an indicator. The same applies to a backgrounded page - I think something like the audio playing thing that browsers have started doing would be useful. Indeed, it would copy a familiar iconic paradigm from the world of phones which have had vibrators for more than two decades (and therefore is unlikely to have any IPR issues outstanding). There are plenty of use cases for a backgrounded page having vibrate permission - the simple one being the same as the phone, that it is less obtrusive as a way of requesting attention, and works without actually seeing the device. And finally, of course it is important that all such notifications or status indicators are actually *accessible* - have sufficient contrast, are announced to screen readers / magnifiers, etc. While this is something that browsers should be doing, rather than technically part of the spec, it is worth noting that in the privacy considerations and mitigations, and tracking whether we have acieved the goal. A spec that provides theoretical accessibility but is implemented consistently in a way that discriminates against users with disabilities really isn't good enough. cheers Chaals -- Charles McCathie Nevile - web standards - CTO Office, Yandex chaals@yandex-team.ru - - - Find more at http://yandex.com
Received on Saturday, 27 February 2016 12:11:43 UTC