W3C home > Mailing lists > Public > public-geolocation@w3.org > October 2008

Re: Location privacy concerns

From: Ian Hickson <ian@hixie.ch>
Date: Thu, 23 Oct 2008 20:23:44 +0000 (UTC)
To: John Morris <jmorris@cdt.org>
Cc: public-geolocation@w3.org, Alissa Cooper <acooper@cdt.org>
Message-ID: <Pine.LNX.4.62.0810232020570.1041@hixie.dreamhostps.com>

On Thu, Oct 23, 2008 at 7:36 PM, John Morris <jmorris@cdt.org> wrote:
> Based on the initial spec, it appears that the privacy of the location 
> information conveyed in accordance with the spec is being treated 
> separately from the conveyance of the information itself.  Some of the 
> list discussions suggest that that privacy controls associated with the 
> location information should be handled independently by the UI.  And, as 
> the privacy and security considerations section of the spec is blank, 
> we're guessing that privacy controls are assumed to be handled elsewhere 
> or at best later.

Could you elaborate on the exact scenario through which a user's privacy 
can be violated?

As I understand it, the user has full control over whether a site has 
access to this information or not, and would thus only give the 
information to a site that the user trusts to not abuse the information. 
If the user doesn't trust the site not to abuse the information, then it 
doesn't matter what privacy theory is passed along with the location, the 
site can't be trusted to make abuse it (by definition).

This seems equivalent to all other private information a user gives a site 
access to, such as credit card details, social security numbers, 
preferences, etc. The information is held under the terms of the site's 
privacy policy, and the user makes a decision as to whether to provide the 
information based on whether they trust the site operator or not.

If you could provide a concrete example of a scenario that involves a 
privacy violation that you are concerned about that would be very helpful.

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 23 October 2008 20:24:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:52 UTC