RE: PLING - Call to Action....

Hi all,
 
Isn't the privacy ruleset approach similar to a weak audit approach? I mean it's not so useful to specify some future behaviour of a service provider if one is not sure she is confronted to a real threat or not.
The ruleset approach works well with the nice guys, who probably will behave nicely anyway. The bad guys will laugh at the privacy ruleset.
Another thing about auditability is that it involve some notarial recording, here with the "privacy ruleset" there is no record about what the user specified, so no legal enforcement could be achieved: The user terms about her interaction with the service provider will be lost as nobody record it!
This audit approach is not the same as a policy approach which enforce in real time.
 
Let me know your opinion,
 
Jean-Pierre

________________________________

De : public-pling-request@w3.org [mailto:public-pling-request@w3.org] De la part de Renato Iannella
Envoyé : mardi 17 août 2010 02:19
À : pling
Objet : PLING - Call to Action....


Dear PLINGers...

You maybe interested in the outcomes of the recent W3C Workshop on Privacy for Advanced Web APIs - the report [1] states "the W3C staff plans to propose a charter for a Privacy Interest Group... Such an Interest Group could also provide a focal point for privacy-related coordination with other interested standard development organizations".

One of the other interesting activities of the W3C Device APIs and Policy WG - reported from the Workshop -was the development of the "Privacy Rulesets" [2] - a way to describe user privacy preferences.

Clearly, these impact on the future of PLING and our role in W3C.

We should discuss this at the next teleconference (at least) and online now...

Cheers

Renato Iannella
http://renato.iannella.it

[1] http://www.w3.org/2010/api-privacy-ws/report
[2] http://dev.w3.org/2009/dap/privacy-rulesets/