[csswg-drafts] [mediaqueries-5] Consider specifying privacy guidelines for user agents which automatically toggle prefers-color-scheme based on user location data (#4404)

Ajedi32 has just created a new issue for https://github.com/w3c/csswg-drafts:

== [mediaqueries-5] Consider specifying privacy guidelines for user agents which automatically toggle prefers-color-scheme based on user location data ==
Currently, the Media Queries Level 5 spec has this to say about the conditions a user agent may decide to take into account when determining what value to use for [prefers-color-scheme](https://drafts.csswg.org/mediaqueries-5/#prefers-color-scheme):

> The method by which the user expresses their preference can vary. It might be a system-wide setting exposed by the Operating System, or a setting controlled by the User Agent.

One common use case I've seen pop up lately is users wanting their system-wide dark mode setting to automatically toggle based on location-dependent data, such as the position of the sun relative to their current geolocation (i.e. they want to automatically turn on "dark mode" at dusk). If implemented naively without taking privacy into account, such a feature combined with prefers-color-scheme could potentially reveal the user's longitude to all websites with a remarkable degree of precision. (Multiple readings over the course of a year might also be able to determine latitude to some extent.)

In my opinion, this particular privacy concern seems both common enough and significant enough that it may be worth calling out explicitly in the spec to ensure it is properly addressed by user agents which choose to implement that feature.

This is also related to #3488

Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/4404 using your GitHub account

Received on Wednesday, 9 October 2019 15:45:58 UTC