W3C home > Mailing lists > Public > public-geolocation@w3.org > October 2008

Re: wording for the privacy section

From: Aaron Boodman <aa@google.com>
Date: Tue, 28 Oct 2008 19:39:08 -0700
Message-ID: <278fd46c0810281939j7eb4f2dbha77534a26c63de60@mail.gmail.com>
To: "John Morris" <jmorris@cdt.org>
Cc: "Doug Turner" <doug.turner@gmail.com>, "Thomson, Martin" <Martin.Thomson@andrew.com>, "Jon Ferraiolo" <jferrai@us.ibm.com>, "Andrei Popescu" <andreip@google.com>, public-geolocation <public-geolocation@w3.org>

On Tue, Oct 28, 2008 at 5:52 PM, John Morris <jmorris@cdt.org> wrote:
> According to the charter, the objective of this WG is "to define a SECURE
> AND PRIVACY-SENSITIVE INTERFACE for using client-side location information
> in location-aware Web applications."  To simply assert in a spec that any
> implementation MUST take privacy into account while being silent on HOW to
> do so accomplishes nothing, and will do absolutely nothing to change the
> norm - which is to wholly ignore privacy.  It is crystal clear from both the
> charter and the list discussion that that the spec being proposed will be
> used in broad diversity of use cases (not just manual user input of
> location), and simply waiving a privacy wand over the whole effort does not
> constitute a "secure and privacy-sensitive interface."  It constitutes
> business-as-usual by leaving privacy for someone else to worry about (and
> ultimately for the end user to lose out on).

This spec is intended to be implemented primarily by web browsers. I
don't see what reason there is to believe that web browser developers
would ignore privacy. In fact, as far as I'm aware, all current
implementations require user permission before divulging location to
applications. This makes sense since any browser which abused users'
privacy would quickly lose them.

- a
Received on Wednesday, 29 October 2008 02:40:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:52 UTC