Re: User Consent and Addresses

Even if I conceded the argument on the basis you lay out, this situation 
is markedly different than the one you describe: the currently specified 
behavior of the "shippingaddresschange" event has a pretty complicated 
interaction with privacy and consent.

If we can't figure out something tenable from a consent perspective with 
the API as currently specified, we need to consider API changes. If you 
are concerned that normative requirements would be ignored by browsers, 
I think we could get by describing a non-normative viable consent 
experience as an existence proof.


On 5/6/16 16:58, Adrian Bateman wrote:
>
> First, we (Microsoft) objected to making such statements in, for 
> example, the Geolocation API. I have no problem with people choosing 
> to write recommendations about user experience in a separate document but 
> it shouldn’t be part of an API specification. As an example of one 
> problem, the original language in the Geolocation API wasn’t followed 
> by any implementation and the text had to be retroactively amended to 
> be more realistic considering actual implementations. This suggests it 
> wasn’t helpful to spend time defining the experience.
>
> Another problem with the Geolocation work is that it tried to capture 
> what and not why, which got left behind. In our specs, we should 
> ensure that the security and privacy considerations sections 
> accurately reflect the concerns and leave it up to implementations to 
> determine how to address those concerns.
>
> We shouldn’t spend time in this group trying to decide what user 
> consent might mean including under which geo-specific regulations this 
> might be impacted by.
>
> *From:*Adam Roach [mailto:abr@mozilla.com]
> *Sent:* Friday, May 6, 2016 2:48 PM
> *To:* Adrian Bateman <adrianba@microsoft.com>; Web Payments Working 
> Group <public-payments-wg@w3.org>
> *Subject:* User Consent and Addresses
>
>     *From:*Adam Roach [mailto:abr@mozilla.com]
>     *Sent:* Wednesday, May 4, 2016 3:47 PM
>
>     *Issue A: Interaction between address updates and user consent*
>
>     Section 16.1 specifies that user data, such as shipping addresses,
>     are to be provided to the merchant page only with user consent.
>     It's unclear how this interacts with the behavior of
>     "onshippingaddresschange," which fires every time the user changes
>     their address in a payment app. As a user, I would not inherently
>     expect such actions to be automatically exfiltrated to the
>     merchant web page. We definitely need to think through and
>     document what kind of behavior represents informed user consent in
>     these cases.
>
>
>
> On 5/4/16 20:07, Adrian Bateman responded:
>
>     On Issue A, I very much disagree. This group should not be
>     defining user consent.
>
> I'm trying to understand this assertion. Other specifications that 
> deal with users' private information -- such as the Geolocation API 
> and the Media Capture API -- include treatments of user consent. What 
> is it about the Web Payments WG that would make our specifications 
> exempt from doing so?
>
> -- 
>
> Adam Roach
> Principal Platform Engineer
> Office of the CTO
>


-- 
Adam Roach
Principal Platform Engineer
Office of the CTO

Received on Monday, 9 May 2016 21:02:46 UTC