- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 12 Aug 2010 12:42:49 +0200
- To: Robin Berjon <robin@berjon.com>
- Cc: Thomas Roessler <tlr@w3.org>, public-privacy@w3.org
On 11 Aug 2010, at 16:06, Robin Berjon wrote: > Hi, > > just a few notes going through the report, which is overall good. I wanted to make edits directly but Google Docs seems to be flaky right now so I'm sending them here. > > As much as I love stupid acronyms, I'm not sure that Privacy Interest Group is the best naming choice. It's all bikeshedding afterwards, but maybe Privacy Research/Review Interest Group? That is a wonderful discussion to have when a specific charter is on the table. The workshop report didn't aim to decide on the name. > One thing that was mentioned as part of Google's paper and discussed was how to handle granting access when many (too many for current mechanisms) privacy (and security) impacting APIs were used. I think that this should be reflected as it is likely to be a work item for someone, and is (IMHO) an important architectural issue since what works for one or two APIs breaks down when there are too many. "(lack of) integration of individual privacy decisions when they occur as part of a complex, e.g., augmented reality related, interaction." Can you suggest a specific edit? > I'm not sure what "and that, privacy controls should be kept as close to the mobile device as possible" intends to capture. Presumably, that relying on parties in the network for privacy protection leads to less assurance than relying on the browser directly. > I think that part of what's core to Aza's approach is not just what is needed for users' understanding of policies, but also reflecting what matters to users. That's why there's a difference between sharing data with third parties and selling it to them users seem to care that someone's making money off their backs. "The fundamental idea of this approach is to isolate a number of parameters that matter for users privacy decisions and are understandable, and to provide users with actionable choices." > Deirdre's remark that the icons would fail for the same reason as P3P did was, I thought, somewhat tempered in the discussion that followed the presentations. I'd be happy to see an edit of that text. :) > Speaking of the final discussion, it doesn't seem to be captured at all in the report is that intentional? I think that the main points of the final discussion are captured in the conclusion section; I didn't capture it as a "discussion" narrative. If the report is missing major pieces, I'd welcome specific additions.
Received on Thursday, 12 August 2010 10:42:54 UTC