W3C home > Mailing lists > Public > public-bpwg@w3.org > September 2008

ISSUE-278 (adam): 3.3.2 Inform user about use of PIM information [Mobile Web Applications Best Practices]

From: Mobile Web Best Practices Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Thu, 18 Sep 2008 12:05:54 +0000 (GMT)
To: public-bpwg@w3.org
Message-Id: <20080918120554.825235F74D@stu.w3.org>

ISSUE-278 (adam): 3.3.2 Inform user about use of PIM information [Mobile Web Applications Best Practices]


Raised by: Adam Connors
On product: Mobile Web Applications Best Practices

Bryan comments:

Under "3.3.2 Inform the User About Use of Personal Information and Degrade Gracefully if Permission is Denied":

Similar to the comment to "4.3.1 Inform the User About Automatic Use of Networks", the earlier version (20080522) guidance on personal information disclosure should be restored:

"The following information should be disclosed:

- the types of personal information (data or contextual information, e.g. location) that will be used by the application

- what personal information will be exchanged via the Internet, and how it will be secured "

While the new text in the current draft is also useful (re API-based prompts), I believe developers need to disclose the *intended* use of personal information as well, since:

- the information may not be obtained through device API's or the API's may not provide any prompt

- the user may want to decide not to begin using the application (or at least, not at this time)

The method of disclosure may vary (as with the network usage recommendation, perhaps through a "help" menu/page), but equally important is *what* types of information should be disclosed.

Adam Comments:

->-> Happy to enumerate these. I think it's *very* important that we agree on where / when this sort of information is imparted -- there is another issue on this. 

->-> The crucial difference is to the best of my knowledge all PIM data access is preceded by a native prompt. So we really are talking about: "If your app uses PIM data it should declare it's usage in the T&C's or Help pages or on a privacy tab." This feels separate to the main application flow, do we think it should be in this document? What was the view on such things in BP1, I imagine there were similar cases.
Received on Thursday, 18 September 2008 12:07:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:09:52 UTC