- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Thu, 18 Oct 2012 07:54:46 -0400
- To: David Singer <singer@apple.com>
- CC: public-privacy list <public-privacy@w3.org>, WebID XG <public-xg-webid@w3.org>
- Message-ID: <507FEE06.10706@openlinksw.com>
On 10/18/12 3:12 AM, David Singer wrote: > On Oct 17, 2012, at 19:50 , Kingsley Idehen <kidehen@openlinksw.com> wrote: > >> On 10/17/12 2:17 AM, David Singer wrote: >>> On Oct 16, 2012, at 20:40 , Henry Story <henry.story@bblfish.net> wrote: >>> >>>> But that is not yet transparency I am looking for. Because you could go to a site and click mistakenly on "accept cookies forever", and you could easily forget about it later. What is >>>> needed I was arguing is the ability to be able to see in your URL bar that you are using cookies >>>> and be able to switch it off easily. Then you would be made aware constantly of your identity at >>>> a site. >>> The problem is that many, if not most, sites use cookies, and a warning that is almost always on gets ignored. >>> >> David, >> >> Yes, and that's a function of the current UI/UX patterns. The very patterns that Henry is trying to bring to the attention of browser developers. Fixing existing broken UI/UX patterns are the key to bringing the "identity" issue into clearer context for browser users. >> >> To conclude, this is a problem that can be solved by browser vendors stepping to the plate and delivering functionality desperately sought (knowingly or unknowingly) by browser users. There are no browser users that seek to knowingly compromise their rights to online privacy. > > I think we are at cross-purposes. You seem to be making the rough suggestion that browser vendors aren't indicating which sites set cookies because they want to drag their feet, rather than responding to my point. > > To reiterate: > a) a warning that a site uses cookies will rapidly be ignored, and hence useless and meaningless to users (who takes any notice of a red lamp that's always on?) > b) the more problematic uses of cookies are from sites that are not the primary one the user visits, and a warning that comes on when *any* site included in the page uses them is almost certain to come on 99% of the time > c) many cookies are nothing to do with privacy > > David Singer > Multimedia and Software Standards, Apple Inc. > > > I am talking about "identity" and all of the constituent aspects relevant to browsers. Cookies are identifiers, they are part of the "identity matrix" . Privacy is ultimately about self calibration of one's vulnerability. This fundamental principle is realm agnostic. A browser should put me in position to know: 1. my current login identity at any given point in time 2. nature of all identifiers used to construct my identity -- this includes cookies. The browser has all the data, it just needs to improve the UI/UX based on a better understanding and appreciation of identity, in a manner that's fully controlled by the end-user. We can only start solving this problem by accepting the fact that end-users should possess full control over their identity when working with browsers. We should be rapidly moving away from today's surreptitious identity patterns which operate of the false assumption that the browser application developers know best, when in fact they don't. Identity is inherently nebulous. Thus, it's always best controlled by the Referent (ultimately an end user) of identifiers. -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Thursday, 18 October 2012 11:55:11 UTC