- From: Samuel Weiler <weiler@w3.org>
- Date: Mon, 18 Mar 2019 10:35:23 -0400
- To: www-international@w3.org
I filed an issue on the Payment Request API that some of you might have input on. The API proactively sends some PII (personally identifiable information) before transaction completion in order to calculate shipping costs and sales tax. The API tries to clamp down what is sent pre-completion to only what is needed for those purposes. What it is still sending, though, is still excessive for these purposes in some jurisdictions just in the US - the API "overshares". I imagine that there are similar issues elsewhere in the world, and I wonder if the diversity of the world is so great that it is unreasonable to a priori define a minimal set of data to send that is both sufficient and necessary (and not beyond what is necessary) for all cases. Here a full write-up: https://github.com/w3c/payment-request/issues/842#issuecomment-473907871 Scroll back through that issue to see the full discussion. -- Sam Weiler, W3C
Received on Monday, 18 March 2019 14:35:26 UTC