Possible upcoming Privacy reviews related to Device API (DAP) from Frederick.Hirsch@nokia.com on 2012-12-06 (public-privacy@w3.org from October to December 2012)

From: <Frederick.Hirsch@nokia.com>
Date: Thu, 6 Dec 2012 15:33:18 +0000
To: <public-privacy@w3.org>
CC: <runnegar@isoc.org>, <Frederick.Hirsch@nokia.com>, <dom@w3.org>
Message-ID: <1CB2E0B458B211478C85E11A404A2B270185054B@008-AM1MPN1-033.mgdnok.nokia.com>
For agenda item 6, "Upcoming privacy reviews - Others"

All DAP specifications are linked from the DAP home page roadmap which also includes their status: http://www.w3.org/2009/dap/#roadmap

In DAP the  specifications seem to fall into different categories

1. Under early development, clarifying use cases and functionality

Premature to request review, though WG does consider privacy. e.g. Network Information

2. Extremely simple specifications with no obvious privacy concerns 

Battery (CR), VIbration (CR), Proximity (LC), Ambient Light (soon LC)

Fingerprinting applies universally perhaps to any API due to its existence, but does not require specific statement in specification itself.

3. HTML Media Capture

Under revision after LC review, expect to publish updated WD, may request review.

4. Discovery and Web Intents

Topic discussed at F2F, additional revisions planned in WG.

regards, Frederick

Frederick Hirsch, Nokia
Chair, W3C DAP Working Group





On Dec 6, 2012, at 10:12 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:

> Here is information related to agenda items referring to the Devices API (DAP) working group.
> 
> (1) Agenda item 3, Report out from the TPAC DAP WG meeting and privacy (Frederick/Rigo/Christine)
> 
> The DAP minutes for the session are available here: http://www.w3.org/2009/dap/materials/minutes-2012-11-02.html#item01
> 
> I also have some informal chair's notes as well (item 7): http://lists.w3.org/Archives/Public/public-device-apis/2012Nov/0105.html
> 
> Summary report:
> 
> Members of the W3C privacy interest group (PING) joined DAP to review privacy concerns using the Pick Contacts Web Intents specification to provide concrete context. (Joined by Christine Runnegar, Rigo and Nick).
> 
> Rigo clarified that even though the WG may not make normative conformance requirements for some privacy related items, documenting a SHOULD in an informative section has value as it provides a linkage to the legal system (e.g. this allows the question as to why it was not done given that the issue was documented).
> 
> General note that there is a data protection requirement for the transfer of user data outside the user sphere, so documents should indicate need for confidentiality in data transfers (but should not mandate SSL as there may be other other mechanisms used).
> 
> WG clarified case for debugging information and Rigo noted that this is indeed acceptable even in a production system as long as the use is limited.
> 
> Please take a  look at the following:
> 
> "Web Application Privacy Best Practices" W3C WG Note:   http://www.w3.org/TR/2012/NOTE-app-privacy-bp-20120703/
> 
> "Device API Privacy Requirements" W3C WG Note: http://www.w3.org/TR/2010/NOTE-dap-privacy-reqs-20100629/
> 
> Agreement to continue discussions on PING calls as needed.
> 
> (2) Agenda item 6, Proximity API 
> 
> The Last Call of the Device APIs (DAP) Proximity API was published today and is located at http://www.w3.org/TR/2012/WD-proximity-20121206/
> 
> An example use case is  to detect when the phone is near a person's face (e.g. in a call) to avoid inadvertent touch events. The specification provides two  event mechanisms, one to indicate whether or not something is close and the other to provide implementation dependent distance information.  It appears that there  are no privacy considerations to note in the specification but feedback would be appreciated.
> 
> regards, Frederick
> 
> Frederick Hirsch, Nokia
> Chair, W3C DAP Working Group
> 
> 
> 
> 
> 
> On Dec 5, 2012, at 1:58 AM, ext Christine Runnegar wrote:
> 
>> Hello all.
>> 
>> A friendly reminder that our next call will take place on Thursday:
>> 
>> 6 December 2012 at 9am PT, 12pm ET, 16 UTC, 6pm CET
>> 
>> http://www.timeanddate.com/worldclock/fixedtime.html?iso=20121218T18&p1=1426
>> 
>> Call details and agenda appear below. 
>> 
>> We have lots to cover, so we will need to be very efficient.
>> 
>> Please volunteer to scribe!
>> 
>> Agenda:
>> 
>> 1. Welcome and introductions.
>> 2. Report out from the TPAC breakout session: Is fingerprinting a lost cause? and skeleton draft (Nick)
>> 3. Report out from the TPAC DAP WG meeting and privacy (Frederick/Rigo/Christine)
>> 4. Report out from the Do Not Track and Beyond workshop (Brad/Nick)
>> 5. Update regarding CSP privacy issues (Trent)
>> 6. Upcoming privacy reviews: 
>> - Proximity API (Frederick)
>> - others?
>> 7. Privacy considerations (Nick/Frank)
>> 8. AOB
>> 
>> Call details:
>> 
>> Zakim Bridge +1.617.761.6200, conference 7464 ("PING")
>> SIP/VOIP details available here: http://www.w3.org/2006/tools/wiki/Zakim-SIP
>> 
>> Please also join us on IRC in the #privacy room.
>> Server: irc.w3.org
>> Username: <your name>
>> Port: 6665 N.B.: not the default IRC port!
>> Channel: #privacy
>> 
>> Christine and Tara
>
Received on Thursday, 6 December 2012 15:33:50 UTC