Re: Adding another permission? A guide

wt., 2 paź 2018 o 23:53 Nick Doty <npdoty@ischool.berkeley.edu> napisał(a):

> Hi Lukasz,
>
> On Oct 2, 2018, at 12:06 AM, Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
> wrote:
>
> One question: who is to ultimately decide/etc as to whether a permission
> is justified and/or makes sense? Consensus? Permissions WG? TAG? A
> dedicated 'elders of permissions' group?
>
>
> I wasn't envisioning any new enforcement/decision-making mechanisms with
> this guide. If there is general agreement on these questions or this
> approach, then I think it could come up during TAG review, or PING (Privacy
> Interest Group) review, or better yet, be considered by
> implementers/feature designers before getting to those review stages.
>

That's what I think, PING+TAG may be enough.  But again, implementors
should be included as well (and the major ones are currently, at least in
the TAG).


>
> That being said, there was the suggestion at this meeting that other
> stakeholders could play a role. For example, civil society groups like
> Consumer Reports might evaluate browsers or web sites in how they handle
> permissions and having a common rubric might make those evaluations viable
> or more effective. Or researchers can keep track of where the system is
> falling short.
>

...but on the other hand, PING+TAG would be a bit confined, so not clear
how to meaningfully manage 'engagement'. Thinking of it, such edge-cases
might be rare. But if there many be any, I would not feel comfortable not
thinking of this in advance. Alternatively, to simplify: designate a task
force composed out of TAG/PING members, so people know where to "call" (but
then - how to actually contact is a separate issue).

I think we should not exclude the possible evolution on the permissions
front (both their meaning, potential expansion, and so).

Kind regards
Lukasz


>