Re: new Privacy Best Practices draft

Anssi

I've updated the draft based on your comments - thanks for the review. See below.

regards, Frederick

Frederick Hirsch
Nokia



On Jul 6, 2011, at 3:32 AM, Anssi Kostiainen wrote:

> Hi,
> 
> On 6.7.2011, at 0.15, ext Frederick.Hirsch@nokia.com wrote:
> 
>> I have created an initial draft of  a Privacy Best Practices document for service providers.
>> 
>> see http://dev.w3.org/2009/dap/privacy-practices/
>> 
>> Proposed changes to improve this document should be sent to the public list.
> 
> 
> Looks good, some comments.
> 
> I believe adding some concrete examples to the document would make it easier to understand for implementers. The target audience is both UA implementers and 3rd party service developers, right?

This was intended for web service providers who create pages that use the DAP APIs. I've updated title, abstract and intro to reflect this.

> 
> Re "User decisions should be made in context at the time of an operation requiring a decision."
> 
> Would it be helpful to give a concrete example of a widely used implicit permission grant via <input type="file"> and/or drag and drop or other deployed mechanism to make this more concrete?
> 

I added contacts/file API examples and well as mentioned drag and drop.

> Potentially also some other points outlined in Robert's blog post could be distilled into the doc:
> 
>  http://weblogs.mozillazine.org/roc/archives/2011/06/permissions_for.html

I disagree with the ask forgiveness approach as some others have commented. Implicit permissions is something we've discussed in this group for some time. I've made that explicit in the draft.

I'm not sure we need to discuss bundling in the best practices draft.

> 
> -Anssi
> 
> (I fixed the [DAP-PRIVACY-REQS] link and did some minor markup adjustments to the doc.)

Thanks

Received on Wednesday, 6 July 2011 18:56:44 UTC