Re: wording for the privacy section from Alissa Cooper on 2008-11-04 (public-geolocation@w3.org from November 2008)

From: Alissa Cooper <acooper@cdt.org>
Date: Tue, 4 Nov 2008 15:49:50 -0500
To: Andrei Popescu <andreip@google.com>
Cc: public-geolocation <public-geolocation@w3.org>
Message-Id: <77B1AB8E-3E38-4A28-805C-9EB24126AABE@cdt.org>

On Nov 4, 2008, at 9:33 AM, Andrei Popescu wrote:
> Right, but I thought you were talking about a privacy protection
> mechanism that was actually going to help against malicious Web sites.
> It seems this is not the case?

I think the disconnect here is in your conception of "malicious"  
sites. Truly malicious sites are going to do whatever they want no  
matter how you write the API. It doesn't matter if they receive  
privacy rules, or if they make claims in a privacy policy. They will  
abuse the location information they receive, and they will find ways  
to obtain information they shouldn't have. In my opinion, malicious  
sites are not the issue here.

Rather, privacy rules would force the broad swath of non-malicious web  
developers out there to confront and grapple with privacy. As John  
said in an earlier email [1],

"The browser makers will of course not be able to force downstream  
developers to in fact play nice on privacy, but if the user's  
'expectation of privacy' is made clear to the downstream developer,  
then the developer's local law may will force them to honor those  
expectations."

The point is to make developers who would otherwise ignore privacy  
(without malicious intent) to think about it.

> So the only sites that will
> observe these rules are the well-behaved ones, which probably don't
> need these rules anyway. Or is there something that I am still
> missing?

Frankly, I would be astounded if even the small number of sites that  
already obtain location information using the existing version of this  
API (1) delete location data after some amount of time less than many  
years, and (2) commit to not sharing location information with others.  
This doesn't mean that they're "malicious," it just means that they've  
given about as little thought to privacy as is the norm. Privacy rules  
that show up tied to location information could give them an easy way  
to be better, or at the very least might prompt them to think about  
being better.

Alissa

[1] http://lists.w3.org/Archives/Public/public-geolocation/2008Oct/0085.html

Received on Tuesday, 4 November 2008 20:50:30 UTC