Re: Intended usage notification

Hi Martin,

I like the idea, but it just will not work.  Your suggestion, because  
it is non-binding and because it will probably just be really general  
("maps.example.com needs to know your location in order to work"),  
will still require the user to click-through-to-learn.

Doug

On Mar 26, 2009, at 2:00 PM, Thomson, Martin wrote:

> This is not intended to be binding, so liars will be free to do that.
>
> This establishes a common expectation from users.  It offers a
> standard way to get a message about why the notification exists in  
> front of a user.  Otherwise, we have the case where users learn to  
> click through with no consideration for their privacy - the warning  
> is effectively made irrelevant.
>
> --Martin
>
>> -----Original Message-----
>> From: Greg Bolsinga [mailto:bolsinga@apple.com]
>> Sent: Thursday, 26 March 2009 1:53 PM
>> To: Doug Turner
>> Cc: Thomson, Martin; public-geolocation@w3.org
>> Subject: Re: Intended usage notification
>>
>> Doug++
>>
>> On Mar 26, 2009, at 1:47 PM, Doug Turner wrote:
>>
>>>
>>> Hi Martin,
>>>
>>> Bad sites will lie, a few will probably do the "right" thing, and
>>> everyone else will just be confused.  Can't sites just use existing
>>> APIs to keep the user informed of what they are trying to do?
>>>
>>> Doug
>>>
>>> On Mar 26, 2009, at 1:39 PM, Thomson, Martin wrote:
>>>
>>>> I'd like to suggest a change that would require specification.  It
>>>> just occurred to me that the notification mechanism is lacking.
>>>>
>>>> Currently, when a site (or page) acquires location information, the
>>>> typical user interface explains that the site wants location and
>>>> offers the user an option: yes/no.  This notification does not
>>>> provide sufficient additional information for the user to make an
>>>> informed decision.
>>>>
>>>> I have no concrete suggestion, so consider this as requirements
>>>> input.  Maybe this can be entered as an issue.
>>>>
>>>> When asked, the user needs to rely on information from the site to
>>>> make this decision, information that might only be available from a
>>>> linked privacy policy, or from the context of the page, or
>>>> something else.
>>>>
>>>> If the site were able to provide a small snippet of information
>>>> that could be provided by the browser alongside its prompt:
>>>>
>>>> The site http://example.com/ wants to use this information for the
>>>> following purpose:
>>>> "We need your location so that we can find services near you."
>>>> or    "Your wife thinks that you are cheating her, we're tracking
>>>> you at her request."
>>>> or    "We are tracking your whereabouts because we think you are a
>>>> drug dealer."
>>>> Allow this request: [ yes ] [ no ].  [x] Remember this choice.
>>>>
>>>> Maybe this could also allow a link to the site privacy policy as it
>>>> applies to location.
>>>>
>>>> A second notification would be required if the description of the
>>>> usage changes at all.  This would allow sites to partition their
>>>> usage and would allow UAs to restrict usage to those that are
>>>> important to it.
>>>>
>>>> In anticipation of the expected response to this - I don't expect
>>>> that multiple notifications will be common - such a thing would
>>>> badly damage user experience.
>>>>
>>>> Such a thing would be quite useful to establish user expectations.
>>>> This could help with the privacy story.
>>>>
>>>> Cheers,
>>>> Martin
>>>>
>>>> ------------------------------------------------------------------------------------------------
>>>> This message is for the designated recipient only and may
>>>> contain privileged, proprietary, or otherwise private information.
>>>> If you have received it in error, please notify the sender
>>>> immediately and delete the original.  Any unauthorized use of
>>>> this email is prohibited.
>>>> ------------------------------------------------------------------------------------------------
>>>> [mf2]
>>>
>>>
>>

Received on Thursday, 26 March 2009 22:08:45 UTC