Re: geolocation privacy statement strawman


I think we should revive this thread and encourage people to express
their opinion on the wording proposed by Doug (slightly modified to
include a suggestion from Martin):

Privacy considerations for implementers of the Geolocation API:

User Agents must not send geolocation data to websites without
expressed permission of the user. Browsers will acquire permission
through a user interface which will include the document origin URI.
All permissions should be revocable, and applications should respect
revoked permissions.

Some User Agents will have prearranged trust relationships that do not
require such user interfaces. For example, a User Agent will present a
user interface when performs a geolocation request.
However, a VoIP telephone may not present any user interface when
using a geolocation to perform an E911 function.

Privacy considerations for recipients of location information:

The two primary concerns regarding recipients of geolocation data are
retention and retransmission. Sites must only use private information
for the task for which it was provided to them and must dispose of it
once completed, unless expressly permitted to do so. Users must be
allowed to update and delete location information that they have
posted. Recipients of location information should not retransmit the
location information without the user's consent. Care should be taken
when retransmitting and use of HTTPS is encouraged. Furthermore, a
clear and accessible privacy policy should be made available to all
users that details the usage of location data.


Received on Wednesday, 25 March 2009 14:18:32 UTC