- From: Shane Wiley <wileys@yahoo-inc.com>
- Date: Tue, 18 Jun 2013 17:47:31 +0000
- To: Rigo Wenning <rigo@w3.org>, "Amy Colando (LCA)" <acolando@microsoft.com>
- CC: "public-tracking@w3.org" <public-tracking@w3.org>, David Singer <singer@apple.com>
Rigo, I believe the issue here is scope. As we're nearing consensus (perhaps not) on the collection and use of data across non-affiliated web sites as a definition for tracking, the question is where does precise geolocation fit in that definition? There are many privacy issues to solve for in the online world - DNT will help advance user privacy in a meaningful way for its scope. I understand the allure of wanting to "pile on" in this process but I'd suggest we manage this in a different forum (perhaps a different W3C WG on Location data). - Shane -----Original Message----- From: Rigo Wenning [mailto:rigo@w3.org] Sent: Tuesday, June 18, 2013 10:35 AM To: Amy Colando (LCA) Cc: public-tracking@w3.org; Shane Wiley; David Singer Subject: Re: Geolocation Amy, we still need a minimum limitation on geolocation. Whatever self regulation you chose that is better will fulfill also DNT requirements. But we can't just say that the most sensitive type of data is out of scope. Only because its hard, doesn't mean we can get around it. That doesn't mean I support the current language. I will have to have a second look at it. --Rigo On Tuesday 18 June 2013 15:00:35 Amy Colando wrote: > I think the path of non normative text - or a cross reference to other > guidance? - might be helpful. Is there something that would help > adopters to understand precise location is something that requires > consent? I'm aware of self regulatory codes that contain this > principle, and if there are other standards based material that would > be good to know too. > > Like David and Shane, I paused on the current language too, as I was > measuring it against the philosophy of " third parties should treat me > as someone about whom they know nothing and remember nothing." > (except for permitted uses) Obtaining current location appears > compatible with this philisophy --and as much as we might wish DNT to > solve a bevy of privacy issues, staying aligned with the "tracking" > issue seems like the way to make progress. > > Sent from my Windows Phone > ________________________________ > From: Rigo Wenning<mailto:rigo@w3.org> > Sent: 6/18/2013 12:48 AM > To: public-tracking@w3.org<mailto:public-tracking@w3.org> > Cc: Shane Wiley<mailto:wileys@yahoo-inc.com>; David > Singer<mailto:singer@apple.com> Subject: Re: Geolocation > > Location is one of the most sensitive personal data. Just removing > text is no ok IMHO as people will look for hints on geolocation. That > we do not have provisions here is fine, but we then need non-normative > text on what to do. > > I think that fine grained geolocation use is incompatible with DNT:1 > Relying on external laws and best practices is not appropriate. We > need a minimum protection here for those unregulated markets. > > So either use postal code, but not k-anonymity, at least not without > specifying a minimum area grid: > http://www.cosic.esat.kuleuven.be/publications/article-1469.pdf > > --Rigo > > On Monday 17 June 2013 23:48:45 Shane Wiley wrote: > > David, > > > > I agree and many Codes of Conduct and separate regulatory guidelines > > are emerging to manage this issue head-on (precise geolocation / > > mobile privacy). I would recommend we drop this from the DNT > > conversation at this time. To our credit, 2 years ago when we > > started this document the external conversation on precise > > geolocation collection and use hadn't really started in earnest. > > Now > > I'd argue those efforts have far exceeded our own so best to remove > > this call out in the draft. > > > > - Shane > > > > -----Original Message----- > > From: David Singer [mailto:singer@apple.com] > > Sent: Monday, June 17, 2013 4:44 PM > > To: public-tracking@w3.org Mailing List > > Subject: Geolocation > > > > I am puzzled that we single out this particular datum, amongst all > > the possible ones. Isn't geolocation privacy best dealt with by the > > geolocation specifications, and shouldn't the general issue be dealt > > with by the limitation on tracking, i.e. > > > > if I live as a hermit in a postal code with no other inhabitants, > > then postal code DOES associate that data with me. > > > > > > David Singer > > Multimedia and Software Standards, Apple Inc.
Received on Tuesday, 18 June 2013 17:49:25 UTC