- From: Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
- Date: Tue, 9 May 2017 20:27:47 +0200
- To: David Singer <singer@apple.com>
- Cc: Rob van Eijk <rob@blaeu.com>, Nat Sakimura <sakimura@gmail.com>, "public-privacy@w3.org" <public-privacy@w3.org>
- Message-ID: <CAC1M5qqN9FSqoob+MnTHeHvqCgsz+13_kW36zUJ7m0GYeK9PUw@mail.gmail.com>
Hello, 2017-05-08 19:30 GMT+02:00 David Singer <singer@apple.com>: > > > On May 6, 2017, at 3:46 , Rob van Eijk <rob@blaeu.com> wrote: > > > > >> is there a ‘paradigmatic review’ which would help educate the > community what it’s like to think about privacy issues? > > Obviously, scholars and standardization bodies have been working on this > toping since many years. > > I think we’re at cross purposes. I am wondering if there is some value of > having a short session at TPAC where we take a recent spec. that’s worked > its way through the consortium, and went through PING for privacy review, > and explain to the consortium “how did we do the privacy review of this > spec.”. Demonstrate how to go about thinking of a privact review, and how > ot write a privacy considerations section. We somehow need to get it to > the point that the privacy experts are verifying that the privacy > considerations section, and the privacy thought in the specs., are good, > not that we’re doing privacy-thinking post-facto. We have to have ‘good > privacy’ part of the design process, not part of the review. > I'm kindly volunteering to provide a well-researched perspective on a case-study basis we made: https://blog.lukaszolejnik.com/battery-status-not-included-assessing-privacy-in-w3c-web-standards/ (paper here: http://lukaszolejnik.com/AssessingPrivacyWebStandardsIWPE17.pdf ). To make the story short. It's sometimes pretty challenging to go through all the possible risks. But I kindly offer the case study of Battery Status API as a blueprint. Perhaps you may find some additional perspective in a different work here: - https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/ - https://blog.lukaszolejnik.com/privacy-of-ambient-light-sensors/ I would risk saying that I have a pretty structured way of work. But structured does not mean we cans find an "ultimate solution". It's a process. So we're speaking about privacy review process. My question is - is there any document by AC or TAG devoted to the aspects on the process level? > > So I would like to work through an example spec. and how the privacy > considerations ended up being written, as a way to show/teach people how to > fish for themselves. The model where a small interest group does the > privacy review post-facto is unsustainable, IMHO, for two reasons (a) the > group is too small and (b) ‘wide review’ stage is waaay too late to be > thinking about privacy implications. > My take is that some point experts still need to be involved, at least in the medium term. Editors may not always have aligned interests towards privacy. It's also not always their focus. Best regards Lukasz
Received on Tuesday, 9 May 2017 18:28:22 UTC