W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2015

Re: Status of privacy review of Presentation API?

From: Christine Runnegar <runnegar@isoc.org>
Date: Wed, 11 Nov 2015 10:37:00 +0000
To: Joseph Lorenzo Hall <joe@cdt.org>
CC: "fd@w3.org" <fd@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>, Greg Norcie <gnorcie@cdt.org>, "Kostiainen, Anssi" <anssi.kostiainen@intel.com>
Message-ID: <B771893A-D77C-4D3E-B937-99FA3C3524D5@isoc.org>
Hi all,

Thanks for reaching out again Francois. If it would be helpful, we could add this item to our agenda for the call on 3 December 2015 UTC 17.


> On 10 Nov 2015, at 11:10 pm, Joseph Lorenzo Hall <joe@cdt.org> wrote:
> Francois, there is no formal end state for our privacy reviews since
> this is a volunteer effort and one that is evolving (and PING folks
> sort of drift in and out of lines of work). Perhaps we could set a
> time for you and someone directly involved in the spec or
> implementations to sit down with Greg Norcie who did the review? It
> could be that walking through some of the aspects of our questionnaire
> and the responses could 1) expose places that maybe we had
> misunderstandings; or 2) places where the spec could be a bit more
> clear for reviewers (e.g., a form of non-implementing audience for the
> specification).
> best, Joe
> On Fri, Nov 6, 2015 at 11:56 AM, Francois Daoust <fd@w3.org> wrote:
>> Hello Privacy group,
>> I'm not clear as to the status of the privacy review of the Presentation API specification. I see that there has been an initial review led by Greg [1] which was also used to fine-tune the privacy questionnaire, and then a call for volunteers to finalize the review [2], although I did not find something else in the mailing-list. Could you clarify the current status?
>> The Second Screen Working Group had its F2F at TPAC and went over the review at [1]. It seems very focused on audio/video, and we wonder whether that is intended. The Presentation API has two modes of operation:
>> - the 1UA case where a user agent renders the content at the requested URL locally and indeed streams the resulting audio/video to the second screen
>> - the 2UA case where a user agent connects with another user agents to ask it to render the content at the requested URL. No audio/video streaming occurs in that case, but a communication channel gets established between the two user agents.
>> I think the group's idea is to see the 1UA case along the lines of: the second screen is part of the "computer" where the user agent runs, which controls the audio/video link in the same vein as it controls the usual "link" with the main display over some internal bus or a VGA/HDMI/Miracast connection. Is the potential privacy concern around the fact that the audio/video stream could be intercepted, or that the second screen could perhaps be considered as a separate computer that could record the streams?
>> Thanks,
>> Francois,
>> W3C Staff Contact,
>> Second Screen Working Group
>> [1] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0120.html
>> [2] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0138.html
> -- 
> Joseph Lorenzo Hall
> Chief Technologist
> Center for Democracy & Technology
> 1634 I ST NW STE 1100
> Washington DC 20006-4011
> (p) 202-407-8825
> (f) 202-637-0968
> joe@cdt.org
> PGP: https://josephhall.org/gpg-key
> fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
Received on Wednesday, 11 November 2015 10:37:33 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:31 UTC