W3C home > Mailing lists > Public > public-device-apis-log@w3.org > January 2019

Re: [deviceorientation] Add API for requesting permission to receive device motion / orientation events (#57)

From: Rich Tibbett via GitHub <sysbot+gh@w3.org>
Date: Thu, 31 Jan 2019 10:55:41 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-459302243-1548932140-sysbot+gh@w3.org>
I'm exasperated by the level of cognitive dissonance in this discussion.

The 3 recommendations to resolve all fingerprinting or key logging ability in this API and to prevent a breakdown of all existing web developer code are as follows:

* **Obfuscation**: Add a random constant in the range [-0.05, 0.05] to all `deviceorientation` data and [-0.005, 0.005] to all `devicemotion` data. Optionally adjust that value during idle periods of inactivity for dynamic obfuscation (when e.g. the device is placed on a table).

* **Quantization**: Round all sensor data to a discrete set of values. For `deviceorientation` round the data emitted to e.g. 2 decimal places. For `devicemotion` round the data emitted to e.g. 4 decimal places.

* **Frequency**: Optionally, reduce sensor data frequency from 60Hz to e.g. 30Hz.

Why are these solutions, that do not impact the footprint of this API, still not being seriously considered? Even if that turns out to be an interim solution it presents a more positive development of this API than the disruptive, backward-incompatible changes being considered.

How would these updates not strike the correct pragmatic balance of resolving all privacy concerns while protecting access for legitimate users?

If these low-impact fixes for the original reported issue continue to be ignored this is what a responsible deprecation process for established Web APIs looks like: https://developers.google.com/web/updates/2018/09/chrome-70-deps-rems#deprecation-policy

Nobody has ruled out a permissions approach for this API if that is the least-worst acceptable solution. I'm just surprised that there is such little interest in progressively experimenting and fixing issues according to the recommendations of all studies in to the issues.

GitHub Notification of comment by richtr
Please view or discuss this issue at https://github.com/w3c/deviceorientation/issues/57#issuecomment-459302243 using your GitHub account
Received on Thursday, 31 January 2019 10:55:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:34:27 UTC