Intended usage notification from Thomson, Martin on 2009-03-26 (public-geolocation@w3.org from March 2009)

From: Thomson, Martin <Martin.Thomson@andrew.com>
Date: Thu, 26 Mar 2009 15:39:28 -0500
To: <public-geolocation@w3.org>
Message-ID: <E51D5B15BFDEFD448F90BDD17D41CFF10591069A@AHQEX1.andrew.com>

I'd like to suggest a change that would require specification. It just occurred to me that the notification mechanism is lacking.

Currently, when a site (or page) acquires location information, the typical user interface explains that the site wants location and offers the user an option: yes/no. This notification does not provide sufficient additional information for the user to make an informed decision.

I have no concrete suggestion, so consider this as requirements input. Maybe this can be entered as an issue.

When asked, the user needs to rely on information from the site to make this decision, information that might only be available from a linked privacy policy, or from the context of the page, or something else.

If the site were able to provide a small snippet of information that could be provided by the browser alongside its prompt:

The site http://example.com/ wants to use this information for the following purpose:
"We need your location so that we can find services near you."
or "Your wife thinks that you are cheating her, we're tracking you at her request."
or "We are tracking your whereabouts because we think you are a drug dealer."
Allow this request: [ yes ] [ no ]. [x] Remember this choice.

Maybe this could also allow a link to the site privacy policy as it applies to location.

A second notification would be required if the description of the usage changes at all. This would allow sites to partition their usage and would allow UAs to restrict usage to those that are important to it.

In anticipation of the expected response to this - I don't expect that multiple notifications will be common - such a thing would badly damage user experience.

Such a thing would be quite useful to establish user expectations. This could help with the privacy story.

Cheers,
Martin

------------------------------------------------------------------------------------------------
This message is for the designated recipient only and may
contain privileged, proprietary, or otherwise private information.
If you have received it in error, please notify the sender
immediately and delete the original. Any unauthorized use of
this email is prohibited.
------------------------------------------------------------------------------------------------
[mf2]

Received on Thursday, 26 March 2009 20:40:12 UTC