- From: Chris Butler <cbutler@dash.net>
- Date: Sat, 7 Jun 2008 18:47:01 -0700
- To: "Alec Berntson" <alecb@windows.microsoft.com>, <public-geolocation@w3.org>

Hi Alec.

I think that you make a good point about the 'fuzzing' of user location. I wonder what the best way to do this is, though. In the case of just giving city level information, here are some options:

* Lat/lon of a geocoded center of the city
* Geocode-able city name
* Bounding box of the city

The last option sounds like the best since it is non-specific and doesn't give any single point as the location...

Thoughts?

Thanks.

Chris Butler | Content Platform Evangelist, Dash Navigation | Office: 408-543-2939 | Mobile: 415-577-9130 | Fax: 408-400-0939

-----Original Message-----
From: public-geolocation-request@w3.org [mailto:public-geolocation-request@w3.org] On Behalf Of Alec Berntson
Sent: Friday, June 06, 2008 11:32 AM
To: public-geolocation@w3.org
Subject: Geolocation: Security and Privacy

One of the most important aspects of the geolocation API spec (IMO) will be the privacy and security requirements. The user's current location is probably one of the most sensitive pieces of personal information available. The references in the draft spec point to a few solid approaches that I would like to highlight (and build on):

Opt-out by default
* By default, no page can access the user's location

UI to alert the user
* There needs to be an alert when a page requests the user's location
* There needs to be some form of status UI indicating when location data is being accessed

Least privilege
* The user should be given the option to allow access to a page (or domain) for
  * Just this once
  * Just this session
  * Always

Data 'fuzzing'
* User can control how much resolution to give to a page
* Add noise to the data if more accurate information is available than is requested

Logging
* Keep a log of what information was given out to whom

Hope that kicks off some discussion!

-Alec

Received on Sunday, 8 June 2008 22:30:07 UTC
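
The bounding-box and resolution-control ideas from this thread, as an added example that is not part of either message or of the Geolocation API draft: a precise fix is snapped to a fixed grid cell and only that cell's bounding box is released, so nearby positions and repeated requests return the same box and no single point is disclosed. The function name, the grid scheme (a stand-in for a real city boundary, which would need geodata) and the sample coordinates are assumptions made for illustration.

```javascript
// Added example (hypothetical names): release a grid-cell bounding box
// instead of the precise fix. cellDeg is the resolution the user granted.
function coarsenToBoundingBox(lat, lon, cellDeg) {
  if (![lat, lon, cellDeg].every(Number.isFinite)) {
    throw new TypeError("lat, lon and cellDeg must be finite numbers");
  }
  if (lat < -90 || lat > 90 || lon < -180 || lon > 180) {
    throw new RangeError("coordinate out of range");
  }
  if (cellDeg <= 0 || cellDeg > 90) {
    throw new RangeError("cellDeg must be in (0, 90]");
  }
  // Cells are counted from the south-west corner of the map (-90, -180).
  const rows = Math.ceil(180 / cellDeg);
  const cols = Math.ceil(360 / cellDeg);
  // Clamp so the pole (lat = 90) and the antimeridian (lon = 180)
  // land in the last cell instead of a cell that does not exist.
  const row = Math.min(Math.floor((lat + 90) / cellDeg), rows - 1);
  const col = Math.min(Math.floor((lon + 180) / cellDeg), cols - 1);
  const south = -90 + row * cellDeg;
  const west = -180 + col * cellDeg;
  return {
    south,
    west,
    north: Math.min(south + cellDeg, 90),
    east: Math.min(west + cellDeg, 180),
  };
}

// True when two fixes are indistinguishable to the page at this resolution.
function sameReleasedBox(a, b, cellDeg) {
  const x = coarsenToBoundingBox(a.lat, a.lon, cellDeg);
  const y = coarsenToBoundingBox(b.lat, b.lon, cellDeg);
  return x.south === y.south && x.west === y.west;
}

// Constructed sample fixes; 0.25 degrees is an arbitrary resolution.
const fixA = { lat: 37.3894, lon: -122.0819 };
const fixB = { lat: 37.40, lon: -122.10 };
console.log(coarsenToBoundingBox(fixA.lat, fixA.lon, 0.25));
console.log(sameReleasedBox(fixA, fixB, 0.25));
```

Because the grid is fixed, the output is deterministic; freshly randomised noise on each request can be averaged away by a page that asks repeatedly.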