- From: Samuel Weiler <weiler@w3.org>
- Date: Wed, 27 Jan 2021 07:41:35 -0500 (EST)
- To: Matthew Finkel <matthew.finkel@gmail.com>
- cc: public-privacy@w3.org
On Tue, 26 Jan 2021, Matthew Finkel wrote: >> This page shows _open_ privacy review issues: >> >> https://w3c.github.io/horizontal-issue-tracker/?repo=w3cping/tracking-issues > > Ah! Thank you, Sam! This isn't what I was imagining, but I think it's better in > some ways. Is there any place where PING tracks privacy risks/considerations > that are flagged in the spec but a tracking issue is not created? For example, a > draft already says that some new functionality could be incorporated into a > browser fingerprint, but an issue is not created for it, for whatever reason? Our[*] self-review questionnaire and Nick's excellent fingerprinting doc are the repositories for such knowledge. They track _types_ of privacy harm, though they're not complete catalogs of fingerprinting surface or other individual "leaks" in the platform. https://w3ctag.github.io/security-questionnaire/ https://w3c.github.io/fingerprinting-guidance/ If you see something that isn't identified in those documents, open an issue against one of them? (There are some open issues already, including a request to add ephemeral fingerprinting. If you or anyone else have some cycles and want to wield a pen, feel free to write some text... https://github.com/w3c/fingerprinting-guidance/issues ) -- Sam [*] We publish the Questionnaire jointly with W3C's TAG.
Received on Wednesday, 27 January 2021 12:41:40 UTC