- From: Andrei Popescu <andreip@google.com>
- Date: Tue, 4 Nov 2008 14:33:32 +0000
- To: Alissa Cooper <acooper@cdt.org>
- Cc: public-geolocation <public-geolocation@w3.org>
Hi Alissa, On Fri, Oct 31, 2008 at 9:58 PM, Alissa Cooper <acooper@cdt.org> wrote: >> If I understand this right, you are proposing that a client (e.g. a >> Web page) using the API would also get a UsageRules object, in >> addition to the Position object. Further to Ian's question, could you >> please clarify how would the client be constrained to obey the rules >> in the UsageRules object? > > > The client would not be constrained to obey the rules Ok, but this answer leaves me scratching my head, too: how exactly is adding the UsageRules object going to protect the user's privacy? In the answer to Ian's questions you propose a UI where the user agent prompts the user to specify values for these rules (e.g. isRetransmissionAllowed). But the UA has absolutely no idea whether these rules will actually be observed, so this doesn't help at all against a malicious application. Right? So the only sites that will observe these rules are the well-behaved ones, which probably don't need these rules anyway. Or is there something that I am still missing? > well). Every client is not going to use every piece of data it receives via > an API call. But that doesn't mean sending that data is not worthwhile for > clients that will make use of the data. > Right, but I thought you were talking about a privacy protection mechanism that was actually going to help against malicious Web sites. It seems this is not the case? Thanks, Andrei
Received on Tuesday, 4 November 2008 14:34:38 UTC