- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 13 May 2009 19:58:47 +0000 (UTC)
- To: Thomas Roessler <tlr@w3.org>
- Cc: Rigo Wenning <rigo@w3.org>, Doug Turner <doug.turner@gmail.com>, public-geolocation@w3.org
On Wed, 13 May 2009, Thomas Roessler proposed adding: > > [...] Therefore, user agents must take steps to limit the risk of > inadvertent location disclosure, even after permission to share location > has been granted by the user: > > 1. User agents must inform the user when Web applications acquire > location information based on a consent granted previously. [...] > > 2. When location information is passed to a web application, a user > interface for revoking the relevant permissions must be easily and > obviously available. [...] These should all be "should"s at the most, and should probably actually be non-normative suggestions. There's no point requiring particular UI. It's not needed for interoperability. If a browser vendor finds a better way of protecting the user than the suggestions in the spec, then the browser vendor should be allowed to do it. Similarly, if the browser vendor wants to target users who don't care about their privacy, then they should be allowed to do so. Let the legal system protect the user. Our specs have no weight, they are but recommendations. Requirements that constrain the UI are eventually going to be ignored, and once a vendor has ignored one set of requirements, it's only a small step to ignoring the ones that actually matter for interoperability, and then the spec becomes a waste of time. Let's not make that mistake. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 13 May 2009 19:59:25 UTC