W3C Workshop Agreement? from Tschofenig, Hannes (NSN - FI/Espoo) on 2010-08-13 (public-privacy@w3.org from July to September 2010)

From: Tschofenig, Hannes (NSN - FI/Espoo) <hannes.tschofenig@nsn.com>
Date: Fri, 13 Aug 2010 11:48:13 +0300
To: <public-privacy@w3.org>
Message-ID: <3D3C75174CB95F42AD6BCC56E5555B4502E9BD97@FIESEXC015.nsn-intra.net>

Hi all,

In the tentative writeup of the workshop it says:

"
The two practical proposals that drew most interest and discussions were the Mozilla privacy icon approach and CDT's privacy rule-set idea. Both also drew significant questions about their practical viability and deployability; yet, further investigation and experimentation with both approaches seems worthwhile.
"

I think it should rather say that we should be honest and write:
"
The two practical proposals that drew most interest and discussions were the Mozilla privacy icon approach and CDT's privacy rule-set idea. Both also drew significant questions from the side of browser vendors and big Web service providers about their practical viability and deployability; yet, further investigation and experimentation with both approaches seems worthwhile.
"
We could even mention the names of the persons / companies to make it more clear.

Furthermore, I was wondering about this statement:

"There was widespread agreement that further community-building work on best practices both for specification writers and implementers, and systematic privacy review of W3C specifications would be useful.
"

Was there really such an agreement?

I recall that certain people said that it would have been nice to provide some implementation hints/user interface aspects into the geolocation specification. However, the same people were previously arguing exactly against including such text into the spec at the time when the spec was written.

I don't recall anyone who had argued that there should be a systematic privacy review of W3C specifications, particularly not the guys (browser vendors & big Web service providers) who largely argued against any technical privacy mechanisms in the geolocation / Device API specs. If you take a look at the geolocation API spec today then you will see that there is very little in there about privacy.

So, I am not sure where this widespread agreement has come from (given that I was at the workshop).

Ciao
Hannes

Received on Friday, 13 August 2010 09:36:32 UTC