Re: [meetings] Agenda Request - Review Working Group Charter Changes (#52)

The charter is not ready for submissions for at least the following reasons. 

At the moment one would have to follow WICG, PATCG, Privacy CG, PING, Federated Id, IWA BG, TAG reviews, Privacy Taskforce, and numerous IETF groups to contribute fully to the debate. Those working for large organisations will find this easier than smaller ones. A small number of the more active people in this group are fortunate to be able to have a job that provides them the mandate and therefore time to engage so fully across these groups. However they do not represent the majority of participants at W3C or the wider web community. 

All W3C members need to be in a position to understand the boundaries of a group. They do fund them via their membership fees after all. If defined well then members can be certain concerning the likely output from the group. However if defined poorly we find problems. Most recently the Decentralized IDentifiers (DID) and Payments groups received Formal Objections to their work. Those familiar with DID will likely agree that the charter was the root cause of the issues. i.e. The Formal Objections should have related to the charter not the eventual output of the group. 

Over the past 26 months I have observed a repeated problem concerning the definition of 'privacy'. As an example; what constitutes 'inappropriate'? There are many different views. We need to agree one. I have argued that something is either lawful or not. It should be easy to define privacy in relation to GDPR for the reasons that @timcowen points out. Anything that is not required by law is irrelevant and potentially anti competitive.

There is then the issue of data sharing. This must be based on the "what" not the "who". Just because the charter does not mention specific words such as 'party', it is clear from the other content in the charter that proposers intend to advance a position where only web browsers can perform certain data processing. I disagree with that position. There are many examples where privacy is achieved without such a restriction. For example; the payments industry. Such a restriction merely serves to concentrate features into the web browser and is thus anti competitive.

@timcowen has raised an innovative suggestion concerning FRAND terms for the data needed to implement a standard. There is nothing that would prevent such a clause being part of the charter therefore providing all web participants the certainty that should they wish to implement independently the standards of the group those that worked on them have already agreed to not only licence the intellectual property related to patents but also access to the necessary input data from their products. As a concrete example I would know that if Google and Mozilla joined the Working Group that they would licence me the data needed to implement the standard outside of a web browser and there would be no need to negotiate such an agreement with them in the future. However Apple if they did not join the group would be under no such obligation. This concept is identical to intellectual property associated with patents and seems very important where functionality is desirable to implement outside the web browser to avoid the web browser becoming a chokepoint.

Rather than cycling through the minutia of specific text the principles raised need to be dealt with clearly and visibility before this charter goes to the membership. There needs to be a short 200 word set of principles to make it clear to the members the boundaries of the group and how these familiar but yet to be resolved issues will be addressed by the group. Leaving the membership and participants to work these things out from references to cross-site in other documents is not very helpful and likely ambiguous leading to many different understandings of the same document. The minutia can then be added once these principles are clear.

-- 
GitHub Notification of comment by jwrosewell
Please view or discuss this issue at https://github.com/patcg/meetings/issues/52#issuecomment-1167805503 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 27 June 2022 19:43:22 UTC