
Re: [battery] Mitigating potential privacy-invasive usage

From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
Date: Wed, 02 Nov 2016 12:34:09 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-257851736-1478090048-sysbot+gh@w3.org>

@anssiko you are right, let's go with top-level and secure contexts. 
I am happy with my other suggestions to the spec and mitigation 
strategies... I'd also like to remind my other more concrete 
suggestion about minimizing the output. They're included in [my 
report](http://lukaszolejnik.com/SensorsPrivacyReport.pdf) (which begs 
for an update, as well as converting it into a Note even?). I.e. to 
propose reporting of only certain levels, such as _"low" "medium" 
"full"_, etc. 

Also, since high-level sensors won't provide too much detail by 
design, why not consider splitting Battery in a high/low-level 
sensor fashion? Thank you also for the historical perspective.

However, the issue is that if someone wants to profile the user based 
on his device battery use, the situation is still somewhat tricky. 
Let's say that an **Honest Ahmed Bicycle Service** (HABS) observes 
that, say, people on Friday night tend to be a bit in a rush to get 
back home, and when their devices are low on battery they would tend 
to agree to pay more for a service... In those cases, even minimized 
data could reveal actionable insight.

That said, on the technical side - I made sure that the wording in 
suggestions/considerations was adequate and it was leaving enough room 
for vendors.


Thank you for the context behind FirefoxOS motivations. I agree 
about user awareness. Browsers should offer sane settings by default. 
I'm also unsure about the real use cases for 
chargingTime/dischargingTime. Sounds like the real need for those is 
not clear. How about (@anssiko ?) sanitizing/removing those or making 
them optional? If not, I would still suggest to vendors to think 
whether these are needed, and how the actually reported values should 
be processed... Designing general privacy-vetted strategies APIs for 
browsers sounds just exciting.

GitHub Notification of comment by lknik
Please view or discuss this issue at 
https://github.com/w3c/battery/issues/5#issuecomment-257851736 using 
your GitHub account
Received on Wednesday, 2 November 2016 12:34:16 UTC
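
The mitigations discussed in the message above (top-level secure contexts only, coarse levels such as "low" / "medium" / "full", and dropping chargingTime/dischargingTime), sketched as an added example that is not part of the original message or of the Battery Status specification. The function names, the bucket thresholds and the sample readings are assumptions made for illustration.

```javascript
// Bucket names come from the message; the thresholds are assumed, not specified.
const BUCKETS = [
  { name: "low", upTo: 0.2 },
  { name: "medium", upTo: 0.8 },
  { name: "full", upTo: 1.0 },
];

// Map a raw level in [0, 1] to one coarse label.
function coarseLevel(level) {
  if (typeof level !== "number" || Number.isNaN(level)) {
    throw new TypeError("level must be a number");
  }
  const clamped = Math.min(1, Math.max(0, level));
  return BUCKETS.find((b) => clamped <= b.upTo).name;
}

// Return the minimized report, or null outside a top-level secure context.
// ctx is a hypothetical descriptor: { isSecureContext, isTopLevel }.
function minimizeBatteryReading(raw, ctx) {
  if (!ctx.isSecureContext || !ctx.isTopLevel) return null;
  // chargingTime and dischargingTime are deliberately not copied over.
  return Object.freeze({
    level: coarseLevel(raw.level),
    charging: Boolean(raw.charging),
  });
}

// Count how many distinct states a script could observe in a set of readings.
function distinctStates(readings) {
  return new Set(readings.map((r) => JSON.stringify(r))).size;
}

// Constructed sample: 101 levels x 2 charging states, with made-up time estimates.
function constructedReadings() {
  const out = [];
  for (let pct = 0; pct <= 100; pct++) {
    for (const charging of [true, false]) {
      out.push({
        level: pct / 100,
        charging,
        chargingTime: charging ? (100 - pct) * 60 : Infinity,
        dischargingTime: charging ? Infinity : pct * 120,
      });
    }
  }
  return out;
}
```

On the constructed sample the raw readings form 202 distinct states and the minimized reports form 6; the "low" state itself stays observable, which is the residual concern the message raises.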

This archive was generated by hypermail 2.4.0 : Monday, 4 July 2022 12:47:52 UTC