- From: David Singer <singer@apple.com>
- Date: Fri, 13 Aug 2010 08:50:23 -0700
- To: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
- Cc: public-privacy@w3.org
- Message-Id: <79C0A553-938A-468D-927A-85F4D0879DFF@apple.com>
well, I 'worried' about the fact that we commit 'inadvertent' privacy problems (e.g. "link visited", the poster child) and that perhaps we should be more systematic about asking "does naive implementation of this spec. lead to privacy problems?". This is NOT writing privacy rules, policies etc. into the specs, which I think is much harder; it's owning up to our part in the overall complex. On Aug 13, 2010, at 1:48 , Tschofenig, Hannes (NSN - FI/Espoo) wrote: > Furthermore, I was wondering about this statement: > > "There was widespread agreement that further community-building work on best practices both for specification writers and implementers, and systematic privacy review of W3C specifications would be useful. > > " > > Was there really such an agreement? > > I recall that certain people said that it would have been nice to provide some implementation hints/user interface aspects into the geolocation specification. However, the same people were previously arguing exactly against including such text into the spec at the time when the spec was written. > > I don't recall anyone who had argued that there should be a systematic privacy review of W3C specifications, particularly not the guys (browser vendors & big Web service providers) who largely argued against any technical privacy mechanisms in the geolocation / Device API specs. If you take a look at the geolocation API spec today then you will see that there is very little in there about privacy. > > So, I am not sure where this widespread agreement has come from (given that I was at the workshop). > > Ciao > Hannes > David Singer Multimedia and Software Standards, Apple Inc.
Received on Friday, 13 August 2010 15:50:56 UTC