- From: Christine Runnegar <runnegar@isoc.org>
- Date: Wed, 24 Jun 2015 04:37:18 +0000
- To: Joseph Lorenzo Hall <joe@cdt.org>
- CC: Chaals from Yandex <chaals@yandex-team.ru>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Thank you Charles and Joe for starting the discussion in the lead up to the call on Thursday. In preparing to discuss this document, everyone, please do not forget the work already undertaken by Hannes, Frank and Nick on privacy considerations, SPA and fingerprinting. (You will find these on http://www.w3.org/Privacy/) Christine and Tara > On 22 Jun 2015, at 9:43 pm, Joseph Lorenzo Hall <joe@cdt.org> wrote: > > We have done some work that we'll send to PING this week (hopefully > before Thursday's call) on this questionnaire... some of it will get > to your critique, Chaals, but let's definitely slot in a discussion of > this questionnaire, how PING should respond (I'd hope with a > coordinated voice back to TAG), etc. > > On Mon, Jun 22, 2015 at 10:56 AM, <chaals@yandex-team.ru> wrote: >> Hi, >> >> The questionnaire: https://w3ctag.github.io/security-questionnaire/ seems overly focused on security. >> There should be a section at the beginning of the threats on "inviting users to expose themselves". >> >> Users are generally unaware of where their data goes, and are often not really able to understand the implications of a privacy policy even if one exists. They are generally prepared to give up information in exchange for some service, but inviting them to do so without being very clear (in terms a seven-year old can understand, although to be fair many 4 year-olds can use the web) of the consequences, effectively puts them at risk. >> >> I would like to see a specific discussion of the fact that users are poor at anticipating the long-term cumulative consequences of repeatedly giving up small amounts of information. >> >> I think the questions on e.g. location information are valuable, but they seem to be phrased far too atomically. >> >> One way to think of sensitive material is to consider how hard it is to replace, if an unfriendly party has it - your name is harder to change than your passport, which is harder to change than a credit card, which is harder to change than a certain amount of cash. >> >> Another is to consider the cost of an unfriendly party having it. >> >> Someone may use your credit card to spend your money. The cost of lost cash is fairly simple to calculate. But authenticating to an online service like a social network as you, and developing a reputation for things that you would not do, can be very damaging. Even worse is something that compromises the security of your possessions (e.g. knowing when you are not at home) or your person (e.g. knowing where you are, whether you are alone, with relative strangers, or in a group of friends and family) - all of which is magnified by having personal information - age, gender, etc… >> >> cheers >> >> Chaals >> >> -- >> Charles McCathie Nevile - web standards - CTO Office, Yandex >> chaals@yandex-team.ru - - - Find more at http://yandex.com >> > > > > -- > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > joe@cdt.org > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 >
Received on Wednesday, 24 June 2015 04:38:56 UTC