[vibration] privacy consideration PING comments

I attended the Privacy Interest Group (PING) call today [1] where we discussed privacy aspects of the Vibration API [2].

As you may know, we in DAP are considering updating the Vibration REC with the errata and Privacy and Security considerations to bring to REC again.

Some takeaways:

1. We need to add a Security and Privacy Considerations section.

2. This section should consider the "Cross-Device Tracking" threat

This threat consists of using vibration patterns to create a unique pattern that can allow the device to be recognized

Note, this threat may also be applicable to Ambient Light 

3. Another threat is what I might call the "identification threat", that by causing the device to vibrate one might identify an individual (e.g. in a room)

4. Mitigations were mentioned, such as changing the Vibration API to not allow an array to define the pattern, but limiting the choices (e.g. to short and long vibration patterns).

Personally I'm not quite sure that (a) we can change the API without breaking backward compatibility, and (b) whether such a change truly mitigates the threat. 

I also noted on the call that many threats need to be addressed at the application level.

Chaals also noted that we don't want to limit the vibration API too much, since it can be used for blind/sight limited people  to allow them to 'view' images etc and we wouldn't want mitigations to limit the functionality.

5. 'Fingerprinting' may or may not be a threat (not sure it is related to the vibration functionality), but it is a general threat to consider

6. Applications might want to give indications when vibration is in use.

regards, Frederick

Frederick Hirsch
Chair, W3C Device APIs WG (DAP)

www.fjhirsch.com
@fjhirsch

[1] https://lists.w3.org/Archives/Public/public-privacy/2016JanMar/0023.html

[2] https://lists.w3.org/Archives/Public/public-device-apis/2016Feb/0049.html

Received on Friday, 26 February 2016 00:35:20 UTC