- From: Adam Roach <abr@mozilla.com>
- Date: Fri, 6 May 2016 16:48:06 -0500
- To: Adrian Bateman <adrianba@microsoft.com>, Web Payments Working Group <public-payments-wg@w3.org>
Received on Friday, 6 May 2016 21:48:37 UTC
> *From:*Adam Roach [mailto:abr@mozilla.com] > *Sent:* Wednesday, May 4, 2016 3:47 PM > > *Issue A: Interaction between address updates and user consent* > > Section 16.1 specifies that user data, such as shipping addresses, are > to be provided to the merchant page only with user consent. It's > unclear how this interacts with the behavior of > "onshippingaddresschange," which fires every time the user changes > their address in a payment app. As a user, I would not inherently > expect such actions to be automatically exfiltrated to the merchant > web page. We definitely need to think through and document what kind > of behavior represents informed user consent in these cases. > On 5/4/16 20:07, Adrian Bateman responded: > > On Issue A, I very much disagree. This group should not be defining > user consent. > I'm trying to understand this assertion. Other specifications that deal with users' private information -- such as the Geolocation API and the Media Capture API -- include treatments of user consent. What is it about the Web Payments WG that would make our specifications exempt from doing so? -- Adam Roach Principal Platform Engineer Office of the CTO
Received on Friday, 6 May 2016 21:48:37 UTC