W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2015

Re: Status of privacy review of Presentation API?

From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Tue, 10 Nov 2015 17:10:58 -0500
Message-ID: <CABtrr-WgaDq8rdLvn6xdkV9cVHJ_hPM2oJj3KSbgNFeFSqLKxg@mail.gmail.com>
To: fd@w3.org
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>, Greg Norcie <gnorcie@cdt.org>, "Kostiainen, Anssi" <anssi.kostiainen@intel.com>
Francois, there is no formal end state for our privacy reviews since
this is a volunteer effort and one that is evolving (and PING folks
sort of drift in and out of lines of work). Perhaps we could set a
time for you and someone directly involved in the spec or
implementations to sit down with Greg Norcie who did the review? It
could be that walking through some of the aspects of our questionnaire
and the responses could 1) expose places that maybe we had
misunderstandings; or 2) places where the spec could be a bit more
clear for reviewers (e.g., a form of non-implementing audience for the

best, Joe

On Fri, Nov 6, 2015 at 11:56 AM, Francois Daoust <fd@w3.org> wrote:
> Hello Privacy group,
> I'm not clear as to the status of the privacy review of the Presentation API specification. I see that there has been an initial review led by Greg [1] which was also used to fine-tune the privacy questionnaire, and then a call for volunteers to finalize the review [2], although I did not find something else in the mailing-list. Could you clarify the current status?
> The Second Screen Working Group had its F2F at TPAC and went over the review at [1]. It seems very focused on audio/video, and we wonder whether that is intended. The Presentation API has two modes of operation:
> - the 1UA case where a user agent renders the content at the requested URL locally and indeed streams the resulting audio/video to the second screen
> - the 2UA case where a user agent connects with another user agents to ask it to render the content at the requested URL. No audio/video streaming occurs in that case, but a communication channel gets established between the two user agents.
> I think the group's idea is to see the 1UA case along the lines of: the second screen is part of the "computer" where the user agent runs, which controls the audio/video link in the same vein as it controls the usual "link" with the main display over some internal bus or a VGA/HDMI/Miracast connection. Is the potential privacy concern around the fact that the audio/video stream could be intercepted, or that the second screen could perhaps be considered as a separate computer that could record the streams?
> Thanks,
> Francois,
> W3C Staff Contact,
> Second Screen Working Group
> [1] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0120.html
> [2] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0138.html

Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
Received on Tuesday, 10 November 2015 22:11:47 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:31 UTC