- From: Henning Schulzrinne <hgs@cs.columbia.edu>
- Date: Tue, 16 Jun 2009 09:34:51 -0400
- To: Rigo Wenning <rigo@w3.org>
- Cc: Andrei Popescu <andreip@google.com>, public-geolocation@w3.org, Thomas Roessler <tlr@w3.org>
I'm not sure I fully understand the proposal; here's my understanding: A link leads to a structured data object that describes the privacy policy. The format could be P3P or something geo-specific.

Operating on that assumption, I think this is generally a good idea, as simply referring to the usual privacy statement does not work well:

- It's almost impossible to render on small devices or on screen readers (imagine trying to have the privacy statement read aloud to you before deciding whether to submit location information or running Babelfish on such a statement)
- It's far too long for people to read (sometimes that seems intentional).
- It's written in legalese that's barely understandable to lawyers, let alone non-native speakers of English (even assuming that it's written in English).
- It can change at any time and changes are not detectable by users, so that users may believe that they are submitting their information under one set of conditions, but are actually not, even assuming the highly unlikely case that they did read the original privacy statement. (There are exceptions for extremely high-profile companies like Facebook, but such public scrutiny is very unlikely for the vast majority of web sites.)

I believe there are studies that show that users just don't read these statements, so there's clear quantitative evidence that this "user interface" is not working.

Conversely, a structured format makes it easy for clients to

- render important information in a device-appropriate way, including non-visually or iconically
- it can be rendered in other languages
- it is easy to detect if the information has changed
- it is possible for UAs to automatically flag problematic things (for example, a user could set a policy "never submit location information to a company that uses this material for advertisements" and then raise an alert before agreeing to do that)

This idea is hardly novel or radical: This is the basic idea behind standardized disclosure forms on nutrition labels and credit card statements, and has been proposed for other contracts more generally, for pretty much the same reasons. A good example of this discussion can be found at

http://www.nytimes.com/2009/05/24/opinion/24gibson.html

I'm not sure what happened to the idea, but I believe the Obama administration has proposed something similar for mortgage contracts.

If one can reduce the essentials of food and contracts to a structured rendition, I don't see why this would be all that much more difficult for basic privacy constraints.

It is clear that any such information, whether a 25-page statement or a structured one, can be a lie. But it's a lot easier to catch liars when they are forced to be succinct and precise, rather than employ weasel words.

Given the small number of participants, claiming majority consensus when the same three or four people are always speaking up against any such idea seems a bit thin. Who elected or appointed you as community representatives? (The basic problem in all standards organizations is that they are vendor-driven; consumers/users are almost never represented. I realize the difficulty of achieving that, but we should be well aware of the built-in biases of these processes, particularly from a public policy perspective.)

Henning
Received on Tuesday, 16 June 2009 13:35:29 UTC
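
The two user-agent checks the message describes (noticing that a policy has changed since the user accepted it, and raising an alert when a user-set rule such as "no advertising use" is violated), as an added example that is not part of the original message or of any W3C specification. The message does not define a format, so the policy field names, the rule ids and both sample policies are assumptions constructed for illustration.

```javascript
// Hypothetical policy fields (assumptions, not P3P or any W3C format).
const FIELDS = { recipient: "string", purposes: "array", retentionDays: "number", sharedWithThirdParties: "boolean" };

// Constructed samples: the policy the user accepted, and the one the site serves later.
const accepted = { recipient: "maps.example", purposes: ["navigation"], retentionDays: 1, sharedWithThirdParties: false };
const fetched = { sharedWithThirdParties: false, retentionDays: 30, purposes: ["navigation", "advertising"], recipient: "maps.example" };

// User-set rules, e.g. "never submit location to a company that uses it for advertisements".
const userRules = [
  { id: "no-advertising", violates: (p) => p.purposes.includes("advertising") },
  { id: "max-retention-7d", violates: (p) => p.retentionDays > 7 },
];

// A policy that is missing a field or has a wrong type is treated as unreadable.
function isWellFormed(p) {
  if (p === null || typeof p !== "object") return false;
  return Object.entries(FIELDS).every(([k, t]) =>
    t === "array" ? Array.isArray(p[k]) && p[k].every((x) => typeof x === "string") : typeof p[k] === t);
}

// Order-independent form of one field, so reordering a list is not reported as a change.
function canonicalField(v) {
  return JSON.stringify(Array.isArray(v) ? [...v].sort() : v);
}

// Names of the fields whose value differs between the accepted and the current policy.
function changedFields(oldP, newP) {
  return Object.keys(FIELDS).filter((k) => canonicalField(oldP[k]) !== canonicalField(newP[k]));
}

// Decide whether location may be sent silently or the user has to be involved first.
// "block": policy unreadable (fail closed); "alert": a user rule is violated;
// "reprompt": policy changed since acceptance; "send": unchanged and acceptable.
function decide(acceptedPolicy, currentPolicy, rules) {
  if (!isWellFormed(currentPolicy)) return { action: "block", changed: [], violations: ["unreadable-policy"] };
  const violations = rules.filter((r) => r.violates(currentPolicy)).map((r) => r.id);
  const changed = acceptedPolicy ? changedFields(acceptedPolicy, currentPolicy) : Object.keys(FIELDS);
  const action = violations.length ? "alert" : changed.length ? "reprompt" : "send";
  return { action, changed, violations };
}

console.log(decide(accepted, fetched, userRules));
```

Because the comparison is per field, the user agent can tell the user which terms changed (here the purposes and the retention period) instead of only that the document differs.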