Fwd: Re: Wide Review of MediaStream Image Capture API, Media Capture from DOM Elements API and MediaStream Recording API from Stefan Håkansson LK on 2018-02-16 (public-media-capture@w3.org from February 2018)

From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
Date: Fri, 16 Feb 2018 13:12:56 +0000
To: "public-media-capture@w3.org" <public-media-capture@w3.org>
CC: Nick Doty <npdoty@ischool.berkeley.edu>
Message-ID: <HE1PR07MB3418FB9B9666B1F8924299FBC9CB0@HE1PR07MB3418.eurprd07.prod.outlook.com>

I just noted that this mail never made it to this list.

-------- Forwarded Message --------
Subject: Re: Wide Review of MediaStream Image Capture API, Media Capture 
from DOM  Elements API and MediaStream Recording API
Date: Wed, 17 Jan 2018 16:10:45 -0800
From: Nick Doty <npdoty@ischool.berkeley.edu>
To: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>, 
webrtc-chairs@w3.org <webrtc-chairs@w3.org>
CC: public-mediacapture@w3.org, public-privacy (W3C mailing list) 
<public-privacy@w3.org>

The Privacy Interest Group discussed these documents on a recent call, 
and had some questions about the privacy and security considerations.

In particular, the three documents proposed for Candidate Recommendation 
status have very different privacy/security considerations sections. 
Would it make sense to align them and review them consistently?

MediaStream Recording has no mention of privacy and no privacy or 
security considerations sections. Issue #122 from last April notes that 
it would be useful to go through the self-review questionnaire as a 
starting point, and we agree.
https://github.com/w3c/mediacapture-record/issues/122 
<https://github.com/w3c/mediacapture-record/issues/122>
We suspect that privacy will be a very germane topic for an API that 
allows for permanent recording of user video data and would be worth 
consideration as part of the wide review process, prior to steps like 
Candidate Recommendation. Current specification and implementation also 
adds an isTypeSupported method which provides drive-by fingerprinting 
surface, not currently constrained by user permissions or interaction. 
The current draft of our Mitigating Browser Fingerprinting guidance may 
be helpful:
https://w3c.github.io/fingerprinting-guidance/ 
<https://w3c.github.io/fingerprinting-guidance/>

MediaStream Image Capture primarily refers to getUserMedia for 
security/privacy considerations. There is at least one mention in the 
spec about a fingerprinting surface mitigation (in using ranges on image 
height and width), but I'm not clear on the particular risk and its 
mitigation. Do the other capabilities and constrainable properties also 
add to fingerprinting surface? Is EXIF data (mentioned in the privacy 
considerations section) specified by this document? Would that also be 
relevant to the MediaStream Recording API?

 From Element has its own developed privacy considerations section, 
particularly focused on origin separation. Is it expected that handling 
origin separation is to be handled by implementors or is there best 
practices or implementation guidelines that will be provided?  If the 
latter, is Feature Policy an applicable solution here?

Cheers,
Nick, for the Privacy Interest Group (PING)

CC Privacy Interest Group; I've tried to capture comments from our last 
call, but others should feel free to chime in with things I've missed or 
to contribute issues on Github as suggested by the WebRTC Working Group.

> On Dec 2, 2017, at 12:22 AM, Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com> wrote:
> 
> Dear Chairs,
> 
> The WebRTC Working Group is working toward publishing the MediaStream
> Image Capture API, the Media Capture from DOM Elements API and the
> MediaStream Recording API as Candidate Recommendations and is therefore
> seeking review from a variety of groups on the documents:
> 
> https://w3c.github.io/mediacapture-image/
> https://w3c.github.io/mediacapture-fromelement/
> https://w3c.github.io/mediacapture-record/
> 
> We have contacted a number of groups with specific request for feedback,
> but also welcome feedback from any other group interested in doing so.
> 
> We would appreciate to receive feedback before January 12, 2018. We hope
> to request transition to Candidate Recommendation early next year for
> all the documents.
> 
> If you have any comments, we prefer that you submit them as Github
> issues to:
> 
> https://github.com/w3c/mediacapture-image/issues
> https://github.com/w3c/mediacapture-fromelement/issues
> https://github.com/w3c/mediacapture-record/issues
> 
> respectively.
> 
> Alternatively, you can send your comments by email to
> public-mediacapture@w3.org.
> 
> Thanks,
> For the WebRTC chairs,
> Stefan Hakansson
> 
>

Received on Friday, 16 February 2018 13:13:24 UTC