Re: Status of privacy review of Presentation API?

We will be there!

On Wed, Nov 11, 2015 at 5:37 AM, Christine Runnegar <runnegar@isoc.org> wrote:
> Hi all,
>
> Thanks for reaching out again Francois. If it would be helpful, we could add this item to our agenda for the call on 3 December 2015 UTC 17.
>
> Christine
>
>> On 10 Nov 2015, at 11:10 pm, Joseph Lorenzo Hall <joe@cdt.org> wrote:
>>
>> Francois, there is no formal end state for our privacy reviews since
>> this is a volunteer effort and one that is evolving (and PING folks
>> sort of drift in and out of lines of work). Perhaps we could set a
>> time for you and someone directly involved in the spec or
>> implementations to sit down with Greg Norcie who did the review? It
>> could be that walking through some of the aspects of our questionnaire
>> and the responses could 1) expose places that maybe we had
>> misunderstandings; or 2) places where the spec could be a bit more
>> clear for reviewers (e.g., a form of non-implementing audience for the
>> specification).
>>
>> best, Joe
>>
>> On Fri, Nov 6, 2015 at 11:56 AM, Francois Daoust <fd@w3.org> wrote:
>>> Hello Privacy group,
>>>
>>> I'm not clear as to the status of the privacy review of the Presentation API specification. I see that there has been an initial review led by Greg [1] which was also used to fine-tune the privacy questionnaire, and then a call for volunteers to finalize the review [2], although I did not find something else in the mailing-list. Could you clarify the current status?
>>>
>>> The Second Screen Working Group had its F2F at TPAC and went over the review at [1]. It seems very focused on audio/video, and we wonder whether that is intended. The Presentation API has two modes of operation:
>>> - the 1UA case where a user agent renders the content at the requested URL locally and indeed streams the resulting audio/video to the second screen
>>> - the 2UA case where a user agent connects with another user agents to ask it to render the content at the requested URL. No audio/video streaming occurs in that case, but a communication channel gets established between the two user agents.
>>>
>>> I think the group's idea is to see the 1UA case along the lines of: the second screen is part of the "computer" where the user agent runs, which controls the audio/video link in the same vein as it controls the usual "link" with the main display over some internal bus or a VGA/HDMI/Miracast connection. Is the potential privacy concern around the fact that the audio/video stream could be intercepted, or that the second screen could perhaps be considered as a separate computer that could record the streams?
>>>
>>> Thanks,
>>> Francois,
>>> W3C Staff Contact,
>>> Second Screen Working Group
>>>
>>> [1] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0120.html
>>> [2] https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0138.html
>>>
>>>
>>>
>>
>>
>>
>> --
>> Joseph Lorenzo Hall
>> Chief Technologist
>> Center for Democracy & Technology
>> 1634 I ST NW STE 1100
>> Washington DC 20006-4011
>> (p) 202-407-8825
>> (f) 202-637-0968
>> joe@cdt.org
>> PGP: https://josephhall.org/gpg-key
>> fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
>>
>



-- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe@cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

Received on Wednesday, 11 November 2015 16:26:58 UTC