Fwd: CR: Identifiers for WebRTC's Statistics API

WebRTC's Stats API spec includes a security and privacy considerations section:

https://www.w3.org/TR/2018/CR-webrtc-stats-20180703/#security-and-privacy-considerations <https://www.w3.org/TR/2018/CR-webrtc-stats-20180703/#security-and-privacy-considerations>

It notes that a site can request statistics to be reported on the media stream connection in such a way as to reveal network-level information not typically available to JavaScript. There don't seem to be any mitigations suggested or required regarding this network data, although certain data is considered sensitive (data about a peer-to-peer stream that could reveal who is talking when).

I'm not clear on how this is implemented today or what limitations there are, but there seems to be a risk that a site might use WebRTC in the background just to gather statistics about the user's network connection, for example to try to narrow down the visitor's location. Revelation of local IP address is also referred to, although I know some implementers have suggested alternative methods to prevent revealing that IP address.

It might make sense for implementers to limit whether they reveal stats data depending on the user's privacy preferences/mode or whether some permission has been granted to the site.

—Nick

> Begin forwarded message:
> 
> From: Notifier <notifier@aries.w3.org>
> Subject: CR: Identifiers for WebRTC&#x27;s Statistics API
> Date: July 2, 2018 at 11:58:37 PM PT
> To: public-review-announce@w3.org
> Resent-From: public-review-announce@w3.org
> Reply-To: Notifier <notifier@aries.w3.org>
> Archived-At: <https://www.w3.org/mid/E1faFGn-000855-Rt@apus.w3.org>
> 
> Identifiers for WebRTC&#x27;s Statistics API
> 
> https://www.w3.org/TR/2018/CR-webrtc-stats-20180703/
> 
> feedback due by: 2018-12-31
> 
> Abstract
> 
> 
> This document defines a set of WebIDL objects that allow access to the statistical information about a RTCPeerConnection.
> 
> These objects are returned from the getStats API that is specified in [WEBRTC].
> 
> Status of the Document
> 
> 
> This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
> 
> This document is incomplete, and as such is not yet suitable for implementation. However, early experimentation is encouraged.
> 
> This document was published by the Web Real-Time Communications Working Group as a Candidate Recommendation. This document is intended to become a W3C Recommendation. Comments regarding this document are welcome. Please send them to public-webrtc@w3.org (subscribe, archives). W3C publishes a Candidate Recommendation to indicate that the document is believed to be stable and to encourage implementation by the developer community. This Candidate Recommendation is expected to advance to Proposed Recommendation no earlier than 31 December 2018.
> 
> Please see the Working Group&#x27;s implementation report.
> 
> Publication as a Candidate Recommendation does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
> 
> This document was produced by a group operating under the W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
> 
> This document is governed by the 1 February 2018 W3C Process Document.