- From: David Rogers <david.rogers@wholesaleappcommunity.com>
- Date: Wed, 4 Aug 2010 11:05:54 +0100
- To: "John Carr" <johnc1912@msn.com>, "Marcos Caceres" <marcosc@opera.com>
- Cc: "Perez, Aram" <aramp@qualcomm.com>, <ifette@google.com>, "Karl Dubost" <karl+w3c@la-grange.net>, <Frederick.Hirsch@nokia.com>, <public-privacy@w3.org>
John, Many people will know that the AC Cobra was caught doing 196mph which helped introduce the 70mph limit on motorways in the UK - what was to blame, the driver, the company, the car or the wide empty brand new M1 motorway? Generally it is the misuse or perceived misuse of the technology, not the technology itself. I am a strong proponent of corporate social responsibility, but let's embrace all the good that the technology can bring too rather than jump on the Daily Mail style 'scare the public' band-wagon. It is not helpful to the debate. I think I agree with you on some points and I might add that many companies are acting in a responsible manner in their approach to this topic, which is one of the reasons this workshop was setup in the first place. It is unfortunate also that you were not able to come on the CEOP meeting I coordinated to talk about child protection and privacy issues. There were many striking points that came up from that meeting but the key situation was that our assumptions were changed in terms of the ways that children need to be protected - particularly about the way location services could be abused - i.e. we assumed a much worse situation than is probably going to be the reality (I am happy to talk through the details of this offline with you). Let's also separate child protection (abuse related) from age restrictions. These are two separate issues. As I explained in the meeting - from the age restriction point of view, your attacker is usually the person you are trying to restrict access to (the user) - i.e. 14 year old trying to buy fireworks etc. In the other case, the attacker is a third party. Cheers, David. -----Original Message----- From: John Carr [mailto:johnc1912@msn.com] Sent: 04 August 2010 09:59 To: 'Marcos Caceres' Cc: 'Perez, Aram'; ifette@google.com; 'Karl Dubost'; Frederick.Hirsch@nokia.com; David Rogers; public-privacy@w3.org Subject: RE: Location services and age limit Re: Location in the news I'd hate to get between you and your cows. I'll check with the Cow Liberation Front to see if they have any problems with this, but I surely don't. Seriously, I agree. I guess my point is that the big companies that are rolling out these services should behave more responsibly. They should have worked all this out. That would have been the socially responsible thing to do. The API, as such, is not the primary issue, but can you guys find a way out of the dilemma? We shouldn't have to do this but if we do press for laws on this, will the big companies fight them? Use their lobbying power and their lawyers to try to defeat us or delay things until they have anyway amassed a huge amount of location data which they can analyse and use for commercial purposes? I'm sorry for banging on about the big companies, but to quote Superman "With great power, goes great responsibility". To their great credit, not all big companies are rushing into this market. Only some of them are. -----Original Message----- From: Marcos Caceres [mailto:marcosc@opera.com] Sent: 04 August 2010 09:22 To: John Carr Cc: 'Perez, Aram'; ifette@google.com; 'Karl Dubost'; Frederick.Hirsch@nokia.com; david.rogers@wholesaleappcommunity.com; public-privacy@w3.org Subject: Re: Location services and age limit Re: Location in the news On 8/4/10 9:45 AM, John Carr wrote: > It is absolutely not the case that every company provides a uniform > service in every country in which it operates. Companies have to make > all kinds of adjustments to fit in with local laws, so having variable > ages of majority/consent is not novel. > > In Spain, for example, they have a specific law which says that a > child must be 14 (not 13 as in the USA and many other countries) > before he or she can join, for example, a social networking service > without first obtain verifiable parental consent. So at least to join > MySpace or Facebook in Spain the rule is 14, not 13. > > In Sweden it is absolutely forbidden to advertise certain products, so > they are not advertised within the .se domain - even though I might be > using the .se domain outside of Sweden where that kind of advertising > is allowed. I am a British citizen. I pay my licence fee for the BBC. > Yet if I am in Egypt (and most other countries) I cannot watch BBC > programmes on my laptop. They detect that I am not in the UK. If I try > to play the lottery outside of the UK.....The list of examples like > this goes on and on. > > And by the way, there is only one age recognised globally as being the > age of majority, that is 18 (although it allows for local variation > true enough). Defined by the UNCRC. Also the idea is not to stop any > child under the age of 18 from being the subject of or using a > location service. The idea is that where it is established that such a > person is under that age the supplier of the location service must > first obtain verifiable parental consent. Very do-able if the company > is willing to go to the trouble and expense of setting up the systems. > > Of course it is always possible that bad guys will invent fake ways of > "proving" you are over 18, but does that provide an alibi for inaction? > I don't think so. That way madness lies. You would never do anything > if you anticipated what illegal methods might derail something. No > such fake ways of getting around the UK gambling web sites' > requirements have yet emerged in the UK. Has the odd child managed to > get around the rules? Maybe, but we haven't heard of any cases yet. > > This is about making an effort to get it right. It is not about having > to get it right 100% of the time. That would be unreasonable. It is > not what the law requires in relation to gambling. As with real world > situations you are only required to make reasonable efforts. > > If I had a pound (or a dollar) for every time I had heard the > following, I'd be writing this email from my spare yacht in the Caribbean. > > "Hey guys. I've thought about this a hell of a lot. My reasoned > conclusion is that we should leave things just as they are and do > nothing. We got this right again. Phew! Think of all the money and > effort I just saved us." This still sounds like a legal issue, not an issue with the API itself. As objects in the real world (glue, beer, cigarettes, etc.) cannot check if the person using them is 18, neither can the API. The API is just some dumb bit of code. So, it seems reasonable to go out and get law made for particular services - so long as the law does not restrict me from using the API privately... to track my cows, for instance... or to create widgets that derive my location from the GPS in my phone, etc. It's no one's business what I use the API privately for. -- Marcos Caceres Opera Software
Received on Wednesday, 4 August 2010 10:07:50 UTC