- From: Rigo Wenning <rigo@w3.org>
- Date: Tue, 19 May 2009 00:39:17 +0200
- To: Lars Erik Bolstad <lbolstad@opera.com>
- Cc: Thomas Roessler <tlr@w3.org>, Doug Turner <doug.turner@gmail.com>, public-geolocation@w3.org
- Message-Id: <200905190039.19995.rigo@w3.org>
Dear Lars Erik, a "must" on 1/ mainly gets you out of the troubled waters of European data protection at low cost. For me 2/ is a special explanatory subgroup of 1/ All this can be derived from the requirement to have the user's consent when acquiring location data as required by two EU Directives and subsequent transposed national law. As there is always new data sent over, the legal requirements are not met with a one time permission for data disclosure for an unforeseeable future. So Thomas' suggestions are rather straightforward requirements, that I think, will prevent subsequent troubles of implementers of the API Specification in the social arena and spare Participants and Implementers a lot of trouble with data protection officials. This is a real monetary advantage that has to be seen against the implementation cost. Best, Rigo Wenning (as Privacy Activity Lead) On Monday 18 May 2009, Lars Erik Bolstad wrote: > > 1. User agents must inform the user when Web applications acquire > > location information based on a consent granted previously. > > > > Example: A user agent shows a specific icon in the status bar > > when the web application that the user currently interacts with > > has acquired location information. > > > > 2. When location information is passed to a web application, a > > user interface for revoking the relevant permissions must be > > easily and obviously available. > > > > Example: By clicking on a status bar indicator for location > > information, the user gets access to a dialogue that permits > > revocation of the location authorization. > > > > 3. User agents should limit the scope of authorizations in time > > by asking for re-authorization in certain intervals. As a > > general guideline, authorizations related to location information > > should not be considered valid for more than one week. Often, a > > shorter time will be appropriate. > > > > </add> > > Thomas, > > I think these are very good proposals for privacy protection on the > UI level. > I personally think we should leave out specific examples of how > this could be implemented in user agents, that should be left to > the creativity of the implementors. > > I also agree with hixie that the "must"s in the first two > requirements should be "should"s.
Received on Monday, 18 May 2009 22:40:02 UTC