- From: Tara Whalen <tjwhalen@gmail.com>
- Date: Wed, 25 May 2016 22:55:39 -0700
- To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
- Message-ID: <CA+T70AgaHSGfvebYFRzxjvCozM6As__P64n9g75K53VaguRE-w@mail.gmail.com>
PING – informal chairs summary – 28 April 2016 Thank you to Doug Schepers, Ivan Herman, Rob Sanderson and Tim Cole (Web Annotation WG), as well as Ian Jacobs (Web Payments WG), for joining our call. Thanks to Keiji Takeda for acting as scribe. Our next call will be on 26 May 2016 at the usual time. * Web annotation model and protocol privacy considerations The Web Annotation WG has three specifications that they hope to move to CR within the very near future. These are the Web Annotation Data Model [1], the Web Annotation Vocabulary [2], and the Web Annotation Protocol [3]. By way of background, an annotation is basically a set of connected resources, typically a body (e.g., comment or tag) and a target (what the body is “about”). There may be associated metadata, such as who created the annotation. The WG has been coming up with ways to describe particular parts of an item (e.g., a specific element to comment on, not whole website), taking into account such considerations as dynamic web content. Primarily, the privacy considerations raised were those around identity, for example: reputation systems (to reduce spam), or how to get value from an anonymous annotation system. Key issues include support for private annotations, and the risks of online harassment and user tracking across sites. PING discussion began with asking about expected applications for annotations, in order to anticipate what types of data might be in the system; many of the motivations (such as reviewing) were identified in the specification. Note that there is a lot of scope, and one of the difficult questions the WG is working on is: what is the scope of annotation, and what do we expect it to be used for? There is also the issue of private annotations: a person might wish to have private bookmarks, etc., or maybe a specific group, such as a class. People might also wish to publish annotations outside the context of the web content (e.g., posting snippet and comment on Twitter). But if annotations are displayed in the original website, it could be like having a comment section that the website owner cannot control. The WG welcomes comments; there are meetings in May (f2f and I Annotate conference), and the WG would like to get into CR at that stage so they can complete that process before the charter ends at TPAC. * Web Payments specs privacy considerations The Web Payments WG presented a slide deck [4], with a brief overview of the first Public Working Drafts and the privacy considerations they had identified for initial discussion. In brief, the Web Payments WG is looking at how to improve web-based payments with the user agent acting as a mediator in the transaction. For example, users could choose from a variety of payment methods supported by merchants; ideally, there would be low cost to support a range of payment methods, with a better user experience. From a privacy perspective, there could be some gains: for example, if you could keep payment credentials client-side. However, consider the case where a merchant would want to know if the user has installed a certain app -- such as the merchant’s own payment app (which could perhaps offer a discount); how might this information be communicated, if we don’t want the merchant to be able to query the user about which apps they have installed? There is also a desire to avoid leaking credentials; the WG believes that the API will help make it evident when users are sending credentials. Another issue that was raised was fraud -- the WG would like to find a way to enable fraud analytics but in a privacy-friendly fashion. They welcome continued interaction with PING in working through these issues. The WG is scheduling a f2f in July and would appreciate comments in advance of this meeting. Christine and Tara [1] https://www.w3.org/TR/annotation-model/ [2] https://www.w3.org/TR/annotation-vocab/ [3] https://www.w3.org/TR/annotation-protocol/ [4] https://www.w3.org/2016/Talks/ij_ping/
Received on Thursday, 26 May 2016 05:56:07 UTC