Re: Can you confirm if you want the sensitive data exception for timeouts

> However we don't force them to keep the data, it's just that if they
don't they need to provide a warning about any timeout period.

Yes, I agree Lisa. I was struggling with the idea of a sensitive
information exception, because I think almost  *anything* the user fills
out (Name, Address, age etc...) would fit in that category and would
undermine the SC. So I think it can stand as is for this draft...

> Understanding document should also explain why we don't offer the
alternative approach of prompting the user at the end of the timeout period
with an option to extend.

Yes, I agree. Also, once we establish this new SC, we'll probably need to
do a bit of back and forth with 2.2.1 so people are not confused.  Perhaps
the clarification would be in both understanding docs or even a bit of
adjustment to the language of either/both SCs (without decreasing WCAG 2
requirements).  2.2.1 requires time to be extended up to 10 times the
default. The usual way that is implemented is a warning at the end of the
first cycle "Do you want more time?" So authors may be confused about
saying how much time the user has.... is it the default time out, or is it
the extended time out required under 2.2.1.  which could be confusing (i.e., if
the author announces the extended time at the front, is that extended time
now considered the default time, and will the user expect to be able to
extend THAT, 10 x.

Cheers,
David MacDonald



*Can**Adapt* *Solutions Inc.*

Tel:  613.235.4902

LinkedIn
<http://www.linkedin.com/in/davidmacdonald100>

twitter.com/davidmacd

GitHub <https://github.com/DavidMacDonald>

www.Can-Adapt.com <http://www.can-adapt.com/>



*  Adapting the web to all users*
*            Including those with disabilities*

If you are not the intended recipient, please review our privacy policy
<http://www.davidmacd.com/disclaimer.html>

On Fri, May 5, 2017 at 2:25 AM, Greg Lowney <gcl-0039@access-research.org>
wrote:

> I brought up the case because I felt we should make an explicit decision
> about it, but my preference is to not include an exception in the SC, and
> instead to add wording to the Understanding document explaining the
> rationale as you stated it: if any data cannot be saved, whether to
> security or other reasons, they need to either warn about the timeout ahead
> of time or make the timeout period extremely long.
>
> Speaking of which, the Understanding document should also explain why we
> don't offer the alternative approach of prompting the user at the end of
> the timeout period with an option to extend.
>
>     Greg
>
>
> -------- Original Message --------
> Subject: Can you confirm if you want the sensitive data exception for
> timeouts
> From: lisa.seeman <lisa.seeman@zoho.com> <lisa.seeman@zoho.com>
> To: W3c-Wai-Gl-Request@W3. Org <w3c-wai-gl@w3.org> <w3c-wai-gl@w3.org>
> Date: 5/4/2017 7:57 PM
>
> Hi Folks
>
> on yesterdays call people asked to we'll add the sensitive data exception
> so that we do not  force people to keep sensitive data
>
> However we don't force them to keep the data, it's just that if they don't
> they need to provide a warning about any timeout period.
>
> People need to know how long they have to fill out the form. I do not
> think that goes away just becuse the data is sensitive.
>
>
> Unfortunately the Que was closed and I could not comment, so I am not sure
> how to proceed here
>
> Do we want  the sensitive data exception?
>
> Also can anyone suggest wording for sensitive data that will not create a
> huge loophole for everything?
>
> what I have so far is :
> sensitive information - information that can put users at risk
>
>
> issue on github is : https://github.com/w3c/wcag21/issues/14
>
> All the best
>
> Lisa Seeman
>
> LinkedIn <http://il.linkedin.com/in/lisaseeman/>, Twitter
> <https://twitter.com/SeemanLisa>
>
>
>
>