Privacy review of the Remote Playback API - comments

Following the Chair's request for comments I have three comments to raise:

1)   In the section "Disabling remote playback", consider adding the requirement that the monitoring of devices must not occur if the feature is disabled by the user, thus: "If the disableRemotePlayback attribute is present on the media element, the user agent MUST NOT monitor availability, play the media remotely or present any UI to do so."

2)   It is unclear if the callbackId is derived from a unique identifier on the Callback device (e.g. a hash value of a MAC address). Is there any reason why this could not be generated for each session by the UA? It would still be unique across all callback devices on the network, but different devices on the same network could have a different set of unique devices, thus reducing the potential for device fingerprinting.

3)   Does the RemotePlaybackAvailabilityCallback object include a human-readable name to identify the Callback object? E.g. "kitchen speaker", "bedroom TV", "Medical device"? Would this also be exposed outside of the UA? Privacy implications would vary depending on where this human-readable name is disclosed, if any.

Simon

Received on Wednesday, 25 January 2017 13:09:20 UTC