W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2020

Re: Input on threat model from browser privacy summit slides

From: David Singer <singer@apple.com>
Date: Fri, 21 Feb 2020 10:17:50 -0800
Cc: Matthew Finkel <matthew.finkel@gmail.com>, Nala Ginrut <mulei@gnu.org>, public-privacy@w3.org
Message-id: <CDB7045C-8031-4D76-848C-3F53BAEED7B3@apple.com>
To: Joshue O Connor <joconnor@w3.org>

> On Feb 21, 2020, at 10:12 , Joshue O Connor <joconnor@w3.org> wrote:
>> "Yes, but...". I'll make a stronger statement and say "user
>> customizable preferences should either 1) not cause a reduction in the user's
>> privacy, or 2) explicitly warn users if adjusting that setting will reduce
>> their privacy".
> +1.  Also note it would be just weird if turning on some a11y customisation did have the unwanted side affect of compromising their privacy. But this is what we need to make sure doesn't happen. Weirder if they were told this was the case beforehand.

The obvious way this happens is that turning on any option — not just accessibility — differentiates you from the default of the population and if it’s detectable, increases your fingerprint surface. Is that something we need to warn about?

David Singer
Manager, Software Standards, Apple Inc.
Received on Friday, 21 February 2020 18:18:08 UTC

This archive was generated by hypermail 2.4.0 : Friday, 21 February 2020 18:18:09 UTC