W3C home > Mailing lists > Public > public-geolocation@w3.org > March 2009

Re: Intended usage notification

From: Greg Bolsinga <bolsinga@apple.com>
Date: Thu, 26 Mar 2009 13:53:14 -0700
Cc: "Thomson, Martin" <Martin.Thomson@andrew.com>, public-geolocation@w3.org
Message-Id: <243892E5-F052-405D-959A-9791E3CAF220@apple.com>
To: Doug Turner <doug.turner@gmail.com>

On Mar 26, 2009, at 1:47 PM, Doug Turner wrote:

> Hi Martin,
> Bad sites will lie, a few will probably do the "right" thing, and  
> everyone else will just be confused.  Can't sites just use existing  
> APIs to keep the user informed of what they are trying to do?
> Doug
> On Mar 26, 2009, at 1:39 PM, Thomson, Martin wrote:
>> I'd like to suggest a change that would require specification.  It  
>> just occurred to me that the notification mechanism is lacking.
>> Currently, when a site (or page) acquires location information, the  
>> typical user interface explains that the site wants location and  
>> offers the user an option: yes/no.  This notification does not  
>> provide sufficient additional information for the user to make an  
>> informed decision.
>> I have no concrete suggestion, so consider this as requirements  
>> input.  Maybe this can be entered as an issue.
>> When asked, the user needs to rely on information from the site to  
>> make this decision, information that might only be available from a  
>> linked privacy policy, or from the context of the page, or  
>> something else.
>> If the site were able to provide a small snippet of information  
>> that could be provided by the browser alongside its prompt:
>> The site http://example.com/ wants to use this information for the  
>> following purpose:
>>  "We need your location so that we can find services near you."
>> or    "Your wife thinks that you are cheating her, we're tracking  
>> you at her request."
>> or    "We are tracking your whereabouts because we think you are a  
>> drug dealer."
>> Allow this request: [ yes ] [ no ].  [x] Remember this choice.
>> Maybe this could also allow a link to the site privacy policy as it  
>> applies to location.
>> A second notification would be required if the description of the  
>> usage changes at all.  This would allow sites to partition their  
>> usage and would allow UAs to restrict usage to those that are  
>> important to it.
>> In anticipation of the expected response to this - I don't expect  
>> that multiple notifications will be common - such a thing would  
>> badly damage user experience.
>> Such a thing would be quite useful to establish user expectations.   
>> This could help with the privacy story.
>> Cheers,
>> Martin
>> ------------------------------------------------------------------------------------------------
>> This message is for the designated recipient only and may
>> contain privileged, proprietary, or otherwise private information.
>> If you have received it in error, please notify the sender
>> immediately and delete the original.  Any unauthorized use of
>> this email is prohibited.
>> ------------------------------------------------------------------------------------------------
>> [mf2]
Received on Thursday, 26 March 2009 20:53:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:54 UTC