Re: [w3ctag/design-reviews] WebXR Hand Input API Specification (#568) from Asanka Herath on 2020-11-24 (public-webapps-github@w3.org from November 2020)

From: Asanka Herath <notifications@github.com>
Date: Tue, 24 Nov 2020 06:50:13 -0800
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/568/733022404@github.com>

The security/privacy self review states:

> Data returned from this API, MUST NOT be so specific that one can detect individual users. If the underlying hardware returns data that is too precise, the User Agent MUST anonymize this data (ie by adding noise or rounding) before revealing it through the WebXR Hand Input API.

Could you elaborate a bit more on how an implementation should evaluate a noising or rounding strategy? I.e. how should an implementation evaluate anonymity?

Would there be recommendations around minimum fidelity for sensor readings?



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/568#issuecomment-733022404

Received on Tuesday, 24 November 2020 14:50:26 UTC