- From: Aaron Boodman <aa@google.com>
- Date: Tue, 28 Oct 2008 19:39:08 -0700
- To: "John Morris" <jmorris@cdt.org>
- Cc: "Doug Turner" <doug.turner@gmail.com>, "Thomson, Martin" <Martin.Thomson@andrew.com>, "Jon Ferraiolo" <jferrai@us.ibm.com>, "Andrei Popescu" <andreip@google.com>, public-geolocation <public-geolocation@w3.org>
On Tue, Oct 28, 2008 at 5:52 PM, John Morris <jmorris@cdt.org> wrote: > According to the charter, the objective of this WG is "to define a SECURE > AND PRIVACY-SENSITIVE INTERFACE for using client-side location information > in location-aware Web applications." To simply assert in a spec that any > implementation MUST take privacy into account while being silent on HOW to > do so accomplishes nothing, and will do absolutely nothing to change the > norm - which is to wholly ignore privacy. It is crystal clear from both the > charter and the list discussion that that the spec being proposed will be > used in broad diversity of use cases (not just manual user input of > location), and simply waiving a privacy wand over the whole effort does not > constitute a "secure and privacy-sensitive interface." It constitutes > business-as-usual by leaving privacy for someone else to worry about (and > ultimately for the end user to lose out on). This spec is intended to be implemented primarily by web browsers. I don't see what reason there is to believe that web browser developers would ignore privacy. In fact, as far as I'm aware, all current implementations require user permission before divulging location to applications. This makes sense since any browser which abused users' privacy would quickly lose them. - a
Received on Wednesday, 29 October 2008 02:40:03 UTC