- From: Jon Ferraiolo <jferrai@us.ibm.com>
- Date: Wed, 29 Oct 2008 09:52:29 -0700
- To: "Aaron Boodman" <aa@google.com>
- Cc: "Andrei Popescu" <andreip@google.com>, "Doug Turner" <doug.turner@gmail.com>, "John Morris" <jmorris@cdt.org>, "Thomson, Martin" <Martin.Thomson@andrew.com>, public-geolocation <public-geolocation@w3.org>
- Message-ID: <OFA0F9916A.3A6EA45E-ON882574F1.005B941C-882574F1.005CB21E@us.ibm.com>
I agree with Ian and Aaron (and probably a few others) that implementation of security and privacy protection should be left to the "user agent", which in practice usually will consist of the browser team, the device manufacturer and the operator working together. All three of these organizations have strong motivation to implement strong security and privacy protection (for both legal and commercial reasons). Browsers today already include many features to address security and privacy concerns. The user agent teams will be sensitive to their needs to add location support in a manner that doesn't cause trouble to users or themselves.

In terms of meeting the charter requirement "to define a SECURE AND PRIVACY-SENSITIVE INTERFACE", my view is that it would be sufficient to include fuzzy language in the specification that says that the user agent MUST or SHOULD include a security manager component that provides appropriate security and privacy protection to the end user.

Jon

"Aaron Boodman" <aa@google.com>
10/28/2008 07:39 PM

To: "John Morris" <jmorris@cdt.org>
cc: "Doug Turner" <doug.turner@gmail.com>, "Thomson, Martin" <Martin.Thomson@andrew.com>, Jon Ferraiolo/Menlo Park/IBM@IBMUS, "Andrei Popescu" <andreip@google.com>, public-geolocation <public-geolocation@w3.org>
Subject: Re: wording for the privacy section

On Tue, Oct 28, 2008 at 5:52 PM, John Morris <jmorris@cdt.org> wrote:
> According to the charter, the objective of this WG is "to define a SECURE
> AND PRIVACY-SENSITIVE INTERFACE for using client-side location information
> in location-aware Web applications." To simply assert in a spec that any
> implementation MUST take privacy into account while being silent on HOW to
> do so accomplishes nothing, and will do absolutely nothing to change the
> norm - which is to wholly ignore privacy. It is crystal clear from both the
> charter and the list discussion that the spec being proposed will be
> used in a broad diversity of use cases (not just manual user input of
> location), and simply waving a privacy wand over the whole effort does not
> constitute a "secure and privacy-sensitive interface." It constitutes
> business-as-usual by leaving privacy for someone else to worry about (and
> ultimately for the end user to lose out on).

This spec is intended to be implemented primarily by web browsers. I don't see what reason there is to believe that web browser developers would ignore privacy. In fact, as far as I'm aware, all current implementations require user permission before divulging location to applications. This makes sense since any browser which abused users' privacy would quickly lose them.

- a
Received on Wednesday, 29 October 2008 16:53:29 UTC