- From: Karl Dubost <karl@w3.org>
- Date: Thu, 12 Jun 2008 16:27:08 +0900
- To: Alec Berntson <alecb@windows.microsoft.com>
- Cc: "public-geolocation@w3.org" <public-geolocation@w3.org>
Le 7 juin 2008 à 03:32, Alec Berntson a écrit : > Opt-out by default > By default, no page can access the users location no access by default geo-location access always required (opt-in) opt-out (mandatory feature) I would add a system where in some predefined areas, on services I have chosen opt-in to be hidden. Track me when I'm walking in this isolated region (emergency), but you will be unable to access my data when I'm in this urban area. This predefined areas can be set on the device, not on the service. > UI to alert the user > There needs to be an alert when a page requests the user's location > There needs to be some form of status UI indicating when location > data is being accessed +1 > Least privilege > The user should be given the option to allow access to a page (or > domain) for > Just this once > Just this session > Always And to remove during a session or Always. I'm used to deny cookies by default, and it's always a pain to go through preferences to authorize them again for a specific site. > Data 'fuzzing' > User can control how much resolution to give to a page > Add noise to the data if more accurate information is > available than is requested See http://lists.w3.org/Archives/Public/public-geolocation/2008Jun/0054 > Logging > Keep a log of what information was given out to whom +1, a log on the device. The log can't be transmitted nor accessed through Web page scripts. I'm adding another one: Identified Geolocation We might want to send geolocation to a site to know where we are, but we don't necessary want to be identified. I send to your service my geodata, but this and only this. It becomes even more critical with mobile phone. -- Karl Dubost - W3C http://www.w3.org/QA/ Be Strict To Be Cool
Received on Thursday, 12 June 2008 07:27:45 UTC