On Friday 23 October 2015 16:29:42 Eric Rescorla wrote:
> In fact the RTCWEB Security Architecture documents used to require that
> the site opt-in to persistent permissions and there was strong consensus
> to remove that requirement precisely because browsers weren't interested
> in implementing it.
We are repeating the geolocation experience where (mostly US-policy inspired)
browsers were saying that they would only implement a one-time permission
request to use your location and they would never ask again.
My remark that the European Law here requires a permanent beacon to be shown
as long as one is located was met with rather violent opposition and the
requirement didn't make it into the Specification. But at the end of the day,
everybody implemented the constant beacon as they wanted to ship in Europe.
I predict that if browsers do one-time requests on WebRTC and it isn't a legal
requirement yet in Europe to easily revoke it, it will become a legal
requirement quickly. And this legal requirement will certainly be worse than
doing it right in the first place. So while there may be an interest to
benefit from the weak protections in some intermediate time, the refusal to
implement will not be sustainable in the long run. It actually adds to the
transatlantic unease. What is the gain to justify such important tradeoffs?
--Rigo