Re: Privacy report on sensors, for generic sensors API.

Hi Lukasz,

I took an initial look at your report. Before I start giving specific
feedback, could you fill me in a little on your goals for this document? Is
this meant to be a comprehensive list of privacy concerns in the APIs it
mentions, or a more general case study of privacy concerns?

Any sort of "report" on a specific set of issues will quickly go out of
date; however, a more general case study, where standards writers can see
some real examples of API privacy failures, could be a great tool to help
people threat model.

You might want to consider re-organizing so that it's less of an Intro ->
Discussion -> Conclusion format to something a little less scientific, with
more of a focus on describing the standards, their privacy issues, the
impacts of those issues, and maybe a concluding section helping non-privacy
experts spot the common themes.


/********************************************/
Greg Norcie (norcie@cdt.org)
Staff Technologist
Center for Democracy & Technology
District of Columbia office
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt



*CDT's Annual Dinner (Tech Prom) is April 6, 2016. Don't miss out! Learn
more at https://cdt.org/annual-dinner*
/*******************************************/

On Tue, Mar 29, 2016 at 10:34 AM, Lukasz Olejnik (W3C)
<lukasz.w3c@gmail.com> wrote:

> Hi Greg,
>
> No timeline, take your time.
>
> But I'm looking forward to feedback, hopefully we might bake something
> good and perhaps not entirely expected ;)
>
> Best
> Lukasz
>
> 2016-03-29 16:21 GMT+02:00 Greg Norcie <gnorcie@cdt.org>:
>
>> Hi Lukasz,
>>
>> Thanks for reaching out, we really appreciate it. We're happy to help.
>>
>> Do you have a timeline for when you'll need comments by?
>>
>> On Tue, Mar 29, 2016 at 5:49 AM, Lukasz Olejnik (W3C)
>> <lukasz.w3c@gmail.com> wrote:
>>
>>> Dear all!
>>>
>>> I have been working on a sensors privacy (impact, risk, ...) assessment
>>> for a while now. And I think it now makes little sense to withhold it any
>>> longer, as I did most of the work some time ago anyway.
>>>
>>> It is primarily intended for the Device APIs WG (DAP), with whom I have
>>> the pleasure to work on the privacy aspects of the sensors API.
>>>
>>> I invite you to take a look at the document [1]. I hope it will be
>>> useful, and I primarily hope this can be an appropriate starting input in
>>> privacy considerations of sensors.
>>> Often, as indicated in the PDF report, even perhaps far-fetched
>>> scenarios are considered. Same for cross-device risks, where a plausible
>>> scenario could be pointed to.
>>>
>>> As advised in private correspondence with (and by) Tobie Langel (DAP),
>>> it would be good if specific pull request(s) follow. I'll look into that
>>> next.
>>>
>>> Also of note: it is not included in the PDF (should it be?), but I believe
>>> it is worthwhile to require a secure (i.e. TLS) connection for having access
>>> to sensors ('secure contexts') - all of them, generically and just like that.
>>> I can't imagine a scenario where this could cause any issues, apart from
>>> the need to set up TLS, that is.
>>>
>>> I also highlight my view and want to ask a question. Can W3C give
>>> guidance/recommendation/note regarding the transparency UIs (sometimes
>>> called "privacy user interface")? A method for straightforward
>>> user verification of: what/how was being used, how frequent, etc.
>>>
>>> Please, enjoy ;-)
>>>
>>>
>>> Best regards
>>> Lukasz Olejnik
>>>
>>> [1] http://lukaszolejnik.com/SensorsPrivacyReport.pdf
>>>
>>>
>>>
>>
>

Received on Wednesday, 30 March 2016 12:06:08 UTC