W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2010

Re: Draft: Privacy Workshop Report

From: Thomas Roessler <tlr@w3.org>
Date: Fri, 13 Aug 2010 12:10:18 +0200
Cc: Thomas Roessler <tlr@w3.org>, Sören Preibusch <Soeren.Preibusch@cl.cam.ac.uk>, 'Robin Berjon' <robin@berjon.com>, public-privacy@w3.org
Message-Id: <F88474AD-EFA1-492E-8A97-6692DFB024F2@w3.org>
To: David Singer <singer@apple.com>
On 12 Aug 2010, at 18:22, David Singer wrote:

> I think perhaps we also made the point that the icons 'rest' on the presumption that they highlight 'unusual' departures from 'normal' (since an icon that always appears, or never appears, doesn't convey much).

I've added some text on that:

"There was substantive feed-back and discussion about the proposal’s specific aspects. While the privacy icons approach rests on the assumption that “unusual” departures from “normal” practices are highlighted, workshop participants noted that many of the “privacy-unfriendly” practices identified in the proposal were, in fact, almost universally used by e-commerce sites."

> The icons seemed to be a third step on the road:
> a) define nomenclature, background terms, and so on, so privacy policy write-ups can avoid repeating 'what is a cookie' and so on, every time (and use common terms)
> b) define some baseline policy-fragments, so that privacy policies can say (for example) 'with respect to third-parties, we use the W3C Generous-Disclosure framework' 
> c) then, the icons kick in 'for data retention, we retain longer than the W3C Minimum Retention framework' (and hence we get an advisory icon displayed)
> Did this get captured?

I added some text:

"Participants also noted that standardizing both privacy icons and privacy rulesets would require several agreements: (a) a definition of nomenclature and background terms, and (b) a specific set of privacy properties that matter to users, and are acceptable to service providers. It was pointed out that P3P attempted to cover both of these areas, but suffered from the complexity that ensued."

> On Aug 12, 2010, at 5:14 , Sören Preibusch wrote:
>> We seemed to have some consensus that, for instance, the use of operating
>> system-wide symbols to indicate that geo-location is active is preferable to
>> having each application (browser, ...) use their own iconography.

That was actually one of Marcos' points.  I've added this to the summary of Marcos' presentation:

"The study found implementations and their iconography to be largely inconsistent. Further guidance on user interface design may be a useful work item for best practices work. During discussion, participants brought up the value of consistent iconography across different implementations."

>> I would agree there is a chance for icons failing for the same reasons that
>> P3P failed and I think there were more people nodding their heads re this
>> statement.
>> Sören
>> -----Original Message-----
>> • I'm not sure what "and that, privacy controls should be kept as close to
>> the mobile device as possible" intends to capture.
>> • Deirdre's remark that the icons would fail for the same reason as P3P did
>> was, I thought, somewhat tempered in the discussion that followed the
>> presentations.
> David Singer
> Multimedia and Software Standards, Apple Inc.
Received on Friday, 13 August 2010 10:10:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:51 UTC