- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 26 Mar 2009 22:05:45 +0000 (UTC)
- To: "Thomson, Martin" <Martin.Thomson@andrew.com>
- Cc: Greg Bolsinga <bolsinga@apple.com>, Doug Turner <doug.turner@gmail.com>, public-geolocation@w3.org
On Thu, 26 Mar 2009, Thomson, Martin wrote:
>
> This is not intended to be binding, so liars will be free to do that.
Then what's the point?
The good sites aren't the ones that are going to be a privacy risk for
users. The ones that are the problem are the malicious sites that are
going to, I dunno, sell the location of rich people using their site to
organised thieves. And those are the very sites who will lie.
In other words, there are two kinds of sites, and two kinds of prompts:
Prompts that are honest Prompts that are lies
Sites that are The prompt doesn't Won't happen, since
trustworthy and matter, since the user the sites are honest
won't do anything won't be screwed (by definition)
bad with the data either way
Sites that want Won't happen, since The prompt doesn't
to abuse your the sites are dishonest matter, since it is
location data (by definition) a lie
> This establishes a common expectation from users.
That's the problem. It leads users to believe a prompt that can just as
easily be a lie.
It would be the equivalent of teaching users to give their credit cards to
random strangers based purely on the excuse the strangers give, instead
of training users to look for other clues, such as the reputation of the
site, to make their decision.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 26 March 2009 22:06:40 UTC