Re: indicating 'private browsing mode' over the net (was Re: Super Cookies in Privacy Browsing mode)

On 29 Jan 2015, at 22:31, "chaals@yandex-team.ru" <chaals@yandex-team.ru> wrote:

> 29.01.2015, 18:41, "Wendy Seltzer" <wseltzer@w3.org>:
>> On 01/29/2015 09:43 AM, David Singer wrote:
>>>>  On Jan 29, 2015, at 15:33 , chaals@yandex-team.ru wrote:
>>>> 
>>>>  Basically +1… more inline
>>>  yay, I think you have it and we’re converging.  Yes, the [priest+doctor | server] clearly knows that it’s Chaals under both personae; but as you say, [he it] is being respectful that in one case they are treating your body and the other your soul, and keeps those considerations separate.
>>> 
>>>  Yes, it’s like encountering your shrink at a party.  He knows it’s you, you know he knows; but he doesn’t expose in this context (the party) what he knows from the other context (the analysis sessions). That is respecting your privacy.
>> 
>> Interesting mix of norms and tech -- and yes, a different privacy threat
>> model from the one many of us are accustomed to considering. Here, we're
>> trusting the server to share our interests
> 
> Actually there is a quid pro quo. We'll give the server data, if they state that they will respect our conditions.
> 
>> and want to help us enforce
>> the contextual boundaries we choose, even if its knowledge could span
>> those boundaries.
> 
> Right.
> 
>> This model is a better match with the Web Origin security model -- where
>> an origin site is presumed to have control of the web application
>> security, and the end-user must choose to trust the origin (with limited
>> user-side overrides) or not visit the site.
> 
> Yeah. And a better match with a lot of reality I think. 
> 
> The idea that you will use services in private mode without any of the convenience tracking and cookies give isn't one I would like a corporate security policy to be reliant on.
> 
> But the idea that you'll treat each other with respect, because it is in both parties' interest, is how people successfully collaborate from a scale of 1-on-1 to global geopolitics.

Except that there's currently a big power imbalance between users and service providers, with the latter tending towards a "take it or leave it" approach, as noted just above, by David. 

> 
>> I wonder what sorts of feedback could help to reinforce to end-users
>> that their trust was in fact merited.
> 
> The obvious one is reputation management, which can be done by browsers, third parties, 

Right, and a key factor here is that a third party agent is not economically obliged to prioritise the service provider's interests - so their inclusion in the value chain can help re-balance power in favour of the end user community. 

FYI, ISOC has a project called ToSBack/2 which we hope will form part of a similar kind set-up; it's based on a back-end repository in which we track and highlight changes to Terms of Service, over time. Our hope is that third parties will use the resulting data to produce added value, for instance by building up a reputation score that reflects service providers' adherence to the terms they offer (or alerts users when the terms change in some new and privacy-eroding way...).
It's not an identical scenario to the one we're discussing here, but there are definitely parallel in the approach.

> 
> If we developed some specific terms, you could go beyond that, but I doubt we would ever agree on them. 
> 
> On the other hand, using such a mode, in conjunction with a privacy-friendly regulatory environment and the sort of warning systems that currently protect us against malware, phishing and spam might be enough for a lot of people - and a motivator for competing services to find ways of demonstrating that they too are equally deserving of people's trust…
> 
> Which would probably be a step forward.
> 
> cheers
> 
> --
> Charles McCathie Nevile - web standards - CTO Office, Yandex
> chaals@yandex-team.ru - - - Find more at http://yandex.com

Received on Friday, 30 January 2015 10:07:52 UTC