Hi Nick > Jeffrey's proposal can be a good starting point for that, certainly, but I > think this should work like the TAG's Design Principles - it's a living > guidance document, and it should make it clear what is being assessed by > the PING review process. If new types of privacy concerns arise, they > should be added to the document. > > > +1 for keeping such documents regularly updated. I believe that’s also a > motivation behind the existing "Self-Review Questionnaire: Security and > Privacy” doc (also published by the TAG) including a final question to > users about what updates would be helpful. > Thanks for flagging it. Indeed that was among the goals of this question. At the same time I wonder if on some occasions it would not be useful to understand it as "we feel that our particular API is a special case and gives rise to these additional issues that we would like to flag...". So for example years ago that would be the case of sensors. Cheers LukaszReceived on Wednesday, 25 September 2019 07:24:39 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:38 UTC