W3C home > Mailing lists > Public > whatwg@whatwg.org > March 2008

[whatwg] Geolocation API Proposal

From: Aaron Boodman <aa@google.com>
Date: Fri, 21 Mar 2008 09:51:28 -0700
Message-ID: <278fd46c0803210951r673f19b3y4bef5fbe5bedbf2b@mail.gmail.com>
On 3/21/08, Shyam Habarakada <shyamh at microsoft.com> wrote:
> If the container page/site is able to access location via any of these mechanisms, there is little to nothing that the user-agent can do to prent that site from forwarding the information to an ad provider. In other words, the privacy concerns around location cannot be solved with just technical solutions and would require the implementation and adherence to policies that protect the end-user.

There's a difference between a page forwarding private info to third
parties and the third parties just getting the private info for free.

In our proposal, we mention getting user permission before sharing the
location details with the application, or even giving them an option
to provide only approximate location. That is another reason why it is
useful to have an explicit method to start the API.

Perhaps you could do something similar with the HTTP mechanism, but I
don't know how, exactly.

Another issue with the HTTP headers approach is that it doesn't seem
like a natural fit for offline-enabled web apps that want to use the
location info offline.

- a
Received on Friday, 21 March 2008 09:51:28 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:01 UTC