Re: [w3ctag/design-reviews] DeviceOrientation Event Specification (Issue #928) from Daniel Appelquist on 2024-03-11 (public-webapps-github@w3.org from March 2024)

From: Daniel Appelquist <notifications@github.com>
Date: Mon, 11 Mar 2024 03:25:07 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/928/1988078258@github.com>

Hi @anssiko - thanks for sending this our way and thanks for the additional metadata.  
  
We're largely happy from an architectural point of view and I appreciate this is an update to an existing spec and that there is multi-implementer consensus - so great! 
  
In line with generally tightening up our privacy-related guidance, we have just updated our wording in the Design Principles about [exposing identifying information about devices](https://w3ctag.github.io/design-principles/#device-ids) and I'd like to draw your attention to it:  In our new guidance in 9.1, we say "A web app should not be able to distinguish between the user rejecting permission to use a sensor/capability, and the sensor/capability not being present."  From our read on the current spec, it's not clear what the behaviour is if a user rejects permission. Can you clarify?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/928#issuecomment-1988078258
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/928/1988078258@github.com>

Received on Monday, 11 March 2024 10:25:11 UTC