W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2013

PING - informal chairs' summary for 24 January

From: Tara Whalen <tjwhalen@gmail.com>
Date: Thu, 21 Feb 2013 15:34:54 -0500
Message-ID: <CA+T70AjUK-ebQh0fnwez+Jz4aVuJ=TK=y9cNE5opZi7G3iMnmg@mail.gmail.com>
To: public-privacy@w3.org
Hi all.
Here is the informal chairs' summary for 24 January 2013.
Hearty thanks to JC for scribing!

The next call will be on 28 February 2013 at the usual time (9am PT, 12pm
ET, 16 UTC, 6pm CET)

 --------
Resources for Privacy Considerations
For our ongoing task of developing the Privacy Considerations document,
please note that Nick has started collecting resources on the wiki at
http://www.w3.org/wiki/Privacy/Privacy_Considerations. Please contribute.

Privacy Reviews: Ambient Light Events and Proximity Events
As requested by the Device APIs Working Group (DAP), PING members provided
some feedback about privacy considerations for two specifications: Ambient
Light Events and Proximity Events via the email list and on the call. One
item that emerged through the comments was that there may need to be a
privacy consideration about the risk arising from combining information
from various APIs (which may not be evident in each individual
specification).

Frederick Hirsch spearheaded this effort and kindly agreed to consolidate
the PING comments and convey them to the DAP. On the call, Frederick
provided some comments about the review process. First of all, he thanked
PING for reviewing these specifications for the DAP, adding that PING had
provided useful feedback for the DAP. He noted that some of the PING
discussion went outside the scope of the actual specification under review
(i.e., risks arising from sensors in general), so he suggested there may be
a need to talk more about context for future reviews.

This initial set of reviews was really the first "test case" for PING. We
expect to refine this process as we conduct more reviews. Many thanks again
to all those who reviewed the specifications and provided their comments.

WebID Incubator Group
Henry Story chairs the WebID Incubator Group (
http://www.w3.org/2005/Incubator/webid/wiki/Main_Page), and is interested
in getting feedback from PING in regards to privacy considerations for
identity. The group has created some specifications to date (
https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html;
http://www.w3.org/2005/Incubator/webid/spec/) and a preliminary spec on
interoperability  (
http://www.w3.org/2005/Incubator/webid/wiki/Identity_Interoperability). The
goal is to try to provide for privacy in authentication systems for
distributed/decentralized social webs (as an alternative to centralized
systems controlled by a few major players). Of course, there are major
privacy considerations with identity systems, and the WebID group would
welcome comments from PING. Discussions to follow on the mailing list.

Privacy Impact Assessment/Checklist
Frank Dawson is working on this item, as part of the ongoing work on
Privacy Considerations and related guidance. Frank has been presenting this
work at various forums and trying to assess what types of guidance would be
most useful for engineers. Some additional items for a simple "checklist"
for review were identified on a informal basis by Nick Doty during the
discussion of the DAP specifications (above). This is likely evolve as PING
carries out more reviews, and could be incorporated into our privacy
guidance documents.

Fingerprinting guidance -  This item will be on the next callís agenda.

Christine and Tara
Received on Thursday, 21 February 2013 20:35:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 21 February 2013 20:35:24 GMT