Re: [webrtc-stats] Stats API should require additional permission / user opt-in (#550)

> these privacy leaks need to be addressed _in the functionality of the standard_

We should first check whether, in our current model, these are leaks.
For audio/video/data, WebRTC assumes pages have access to the content so I do not consider them as leaks.
Isolated streams is a proposal that tries to change this model. With that proposal, we should indeed consider whether stats are leaking and I believe audioLevel does indeed leak information.

In general, stats do not seem absolutely necessary for what the user intends to do.
As such, I would like them to be privacy neutral and we should probably require that.
With regards to decoderImplementation, I think it can be implemented in such a way that it will not provide any more fingerprinting information than say the user agent string, but might still provide a more easy way to get that information. Should we add a requirement along those lines?

I am not a big fan of gating stats on getUserMedia.
Some websites provide a button to report a problem. In that workflow, I could see how a prompt to gather more information might be feasible. It doesn't seem to meet the bar so far though.

GitHub Notification of comment by youennf
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 19 February 2020 16:46:47 UTC