W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2008

Re: Privacy in the Geolocation Spec

From: Ian Hickson <ian@hixie.ch>
Date: Tue, 24 Jun 2008 22:10:07 +0000 (UTC)
To: Alec Berntson <alecb@windows.microsoft.com>
Cc: "public-geolocation@w3c.org" <public-geolocation@w3c.org>, Andrei Popescu <andreip@google.com>, public-geolocation@w3.org
Message-ID: <Pine.LNX.4.62.0806242206080.13974@hixie.dreamhostps.com>

On Tue, 24 Jun 2008, Alec Berntson wrote:
>
> I'd like to see some requirements around privacy. I agree that the W3C 
> spec should not define the UI constraints for privacy, however I think 
> the following guidelines should be present
> 
> 
> * The Geolocation API must not allow an application access to location 
> data without user permission
> 
> * The Geolocation API must allow the user to disable access to location 
> data at any point

I would be fine with these being SHOULDs, but if we make them MUSTs then 
we are saying that, e.g., a semi automated Web browser that uses crowd 
movements in Times Square to decide what page to navigate to would have to 
have some sort of special button somewhere to control the Geolocation API, 
which seems somewhat silly.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 24 June 2008 22:10:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 22 March 2012 18:13:39 GMT