W3C home > Mailing lists > Public > public-geolocation@w3.org > May 2009

Re: Additional security and privacy considerations?

From: Rigo Wenning <rigo@w3.org>
Date: Tue, 19 May 2009 00:39:17 +0200
To: Lars Erik Bolstad <lbolstad@opera.com>
Cc: Thomas Roessler <tlr@w3.org>, Doug Turner <doug.turner@gmail.com>, public-geolocation@w3.org
Message-Id: <200905190039.19995.rigo@w3.org>
Dear Lars Erik, 

a "must" on 1/ mainly gets you out of the troubled waters of European 
data protection at low cost. For me 2/ is a special explanatory 
subgroup of 1/ 

All this can be derived from the requirement to have the user's 
consent when acquiring location data as required by two EU Directives 
and subsequent transposed national law. As there is always new data 
sent over, the legal requirements are not met with a one time 
permission for data disclosure for an unforeseeable future.  

So Thomas' suggestions are rather straightforward requirements, that I 
think, will prevent subsequent troubles of implementers of the API 
Specification in the social arena and spare Participants and 
Implementers a lot of trouble with data protection officials. This is 
a real monetary advantage that has to be seen against the  
implementation cost.


Rigo Wenning
(as Privacy Activity Lead)

On Monday 18 May 2009, Lars Erik Bolstad wrote:
> > 1. User agents must inform the user when Web applications acquire
> > location information based on a consent granted previously.
> >
> >   Example: A user agent shows a specific icon in the status bar
> > when the web application that the user currently interacts with
> > has acquired location information.
> >
> > 2. When location information is passed to a web application, a
> > user interface for revoking the relevant permissions must be
> > easily and obviously available.
> >
> >   Example: By clicking on a status bar indicator for location
> > information, the user gets access to a dialogue that permits
> > revocation of the location authorization.
> >
> > 3. User agents should limit the scope of authorizations in time
> > by asking for re-authorization in certain intervals.  As a
> > general guideline, authorizations related to location information
> > should not be considered valid for more than one week. Often, a
> > shorter time will be appropriate.
> >
> > </add>
> Thomas,
> I think these are very good proposals for privacy protection on the
> UI level.
> I personally think we should leave out specific examples of how
> this could be implemented in user agents, that should be left to
> the creativity of the implementors.
> I also agree with hixie that the "must"s in the first two
> requirements should be "should"s.

Received on Monday, 18 May 2009 22:40:02 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:33:53 UTC