Re: privacy questionnaire

Hi Mike,

Thanks, those are both great suggestions.

If you'd like, you can actually edit the wiki directly:
https://www.w3.org/wiki/index.php?title=Privacy_and_security_questionnaire&action=edit&section=2

I don't want to create a situation where I'm the "gatekeeper" on all edits
- while it'd be nice to reach a consensus on list before editing, everyone
has the ability to edit the questionnaire. (Just please put in a small edit
summary)


On Sat, Aug 15, 2015 at 4:41 PM, Mike O'Neill <michael.oneill@btinternet.com
> wrote:

> Hi Greg,
>
>
>
> I think it would be a good idea to mention consent expiry in the
> questionnaire. Cookies and the DNT exception API have this capability,
> while some other recent APIs do not. For example it is a pity that there is
> no built in expiry for localStorage or indexedDB even though the prototype
> implementations for them did.
>
>
>
> How about this amendment to para 9 in the privacy section:
>
>
>
> 9. Can the user easily, preferably through an element of the GUI, revoke
> consent granted to a particular feature? Once consent has been given is
> there a mechanism whereby it is automatically revoked after a reasonable or
> user configurable period? Explanation: Consent should not be a one time
> affair, but an ongoing process. A user might forget they have given it or
> someone else may have given it for them, so it should not be granted for
> perpetuity.
>
> Example: If a user must clear all cookies and cache to turn off consent
> granted to their webcam, this is a poor consent model.
>
>
>
> Mike
>



-- 
/***********************************/

*Greg Norcie (norcie@cdt.org <norcie@cdt.org>)*

*Staff Technologist*
*Center for Democracy & Technology*
1634 Eye St NW Suite 1100
Washington DC 20006
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt

Fingerprint:
73DF-6710-520F-83FE-03B5
8407-2D0E-ABC3-E1AE-21F1

/***********************************/