GeoPriv and the geolocation api.

Mozilla believes that the privacy and security of users is incredibly  
important.  We believe that the user must always be put in the  
position to make safe decisions.

GeoPriv extends the user's decision from simply a "yes/no", to being  
able to express, among other things, retransmit and retention ideas.   
This spec clearly outlines how authorization of geolocation, and  
probably other forms of data, could be transmitted.  However, GeoPriv  
is not the solution to the problem we have.  There are many other  
pieces of private data that pass between the ua and websites - some  
possibly more sensitive than one's geolocation.  We do not have a  
comprehensive web privacy API that protects these bits.  Adding  
GeoPriv to the Geolocation API will add more bits on the wire, more  
complexity for websites and developers, and yield no protection beyond  
a given site's existing privacy policy.

Mozilla does share the concerns voiced in the GeoPriv charter, but  
does not share the idea that creating APIs makes this problem smaller.

Instead, we believe that much of what GeoPriv provides could be  
addressed by a recommended guideline for websites, similar to the Web  
Content Accessibility Guidelines (WCAG).  The WCAG W3C Recommendation,  
backed by Section 508 (in the US), has done much more than any web API  
could have.  It would be interesting to see if there is interest in  
developing a similar recommendation around privacy, analogous to WCAG,  
presented as guidelines to websites.  Mozilla may be interested in  
helping with such a effort.

Doug Turner
Mozilla Corporation

Received on Thursday, 6 November 2008 22:45:40 UTC