RE: ACTION ITEM: Review of security and privacy issues paper

Hi Rich and All,



Attached is a new version of the Web Security and Privacy Technologies issue paper. As a result of Rich's feedback:



I added the following to the section, "Challenges for People with Cognitive Disabilities".

*     may be afraid to trust a web site, thus causing them to cancel a transaction

o  Note: This is of particular concern for efforts to personalize web sites so they conform to users' accessibility preferences. (E.g., users may be asked whether they trust a web site in order to pass such preferences.) See:

o  IndieUI<http://www.w3.org/WAI/intro/indieui>

o  Global Public Inclusive Infrastructure (GPII)<http://gpii.net/>

I added the following to the section, "Challenges for People with Cognitive Disabilities," below "The scope of the problem is vast because, for examples, people with disabilities:"

*     may be unable to become accustomed to a web security and privacy technology because there are multiple versions of it across websites.



I added the following to the section, "Ease-of-Use Ideas".



*     Develop and use a consistent interface, such as common sets of vocabulary and iconography, across web sites.



The above was an alteration of the following, which had already existed.

*     Develop and use common sets of vocabulary and iconography across web security and privacy technologies.

Also, it generalizes Rich's point, specific to CAPTCHA UIs, to all security and privacy technologies.

John

John Rochford<http://profiles.umassmed.edu/profiles/display/132901>
UMass Medical School/E.K. Shriver Center
Director, INDEX Program
Instructor, Family Medicine & Community Health
www.DisabilityInfo.org
Twitter: @ClearHelper<https://twitter.com/clearhelper>
[Facebook Button]<http://www.facebook.com/pages/New-England-INDEXShriver-CenterUMass-Medical-School/227064920160>[Twitter Button]<https://twitter.com/NEINDEX> [WordPress Logo] <http://www.disabilityinfo.org/blog/>





-----Original Message-----
From: Richard Schwerdtfeger [mailto:schwer@us.ibm.com]
Sent: Monday, August 03, 2015 9:18 AM
To: public-cognitive-a11y-tf <public-cognitive-a11y-tf@w3.org>
Subject: ACTION ITEM: Review of security and privacy issues paper



The research was excellent. I would add the following, the first of which was discussed in the IndieUI effort and will be encountered as we move to a more personalized web where the user's personal needs and preferences may be passed to a site so that it may provide essential access.



Under "Web security and privacy technologies often block people with cognitive and/or physical disabilities who may not be able to:"

a bullet needs to be added that states:



When authentication occurs a user may be asked whether they trust the site to be able to pass personal, accessibility-related, preferences to the site. This was discussed in IndieUI work. A user may be afraid to trust a new site and it could cause them to cancel a transaction.  The act of asking the question may create concern for any impaired user and for the mature market this may cause even greater concern.



Under "Many people with cognitive disabilities:" add a bullet:

Users may not be familiar with how to operate the captcha form as its look and feel vary from site to site.





A solution for the last one would be a consistent personalized appearance

across web sites. Different forms of authentication, such as a a NFC

device with a security key is a way to provide simplified consistent

access and avoid varying captcha UIs.







Rich Schwerdtfeger