- From: ashok malhotra <ashok.malhotra@oracle.com>
- Date: Mon, 08 Mar 2010 12:24:15 -0800
- To: "www-tag@w3.org" <www-tag@w3.org>

Richard Barnes, who is co-chair of the IETF Geoprivacy WG, contacted me after reading my comment on the Geolocation action in the minutes. I had a telcon with Richard and Mark Linsner of Cisco and they briefed me on their interactions with the Geolocation WG, and we discussed the model they are recommending.

As you know, the Geopriv folks made a comment on the LCWD of Geolocation. http://lists.w3.org/Archives/Public/public-geolocation/2009Aug/0003.html. The response is at http://lists.w3.org/Archives/Public/public-geolocation/2009Oct/0008.html and includes the words: "Both proposals met significant resistance in the working group and the decision was taken not to adopt either of them."

John Morris of the Center for Democracy and Technology also made similar Last Call comments which were also turned down. John responds in http://lists.w3.org/Archives/Public/public-geolocation/2010Mar/0007.html by saying "that the process was deeply flawed, and that the substantive result represents a missed opportunity for the W3C to live up to the high standards that it previously sought to achieve." but he does not want to delay the spec any further.

The text re. privacy at the start of the WD has been strengthened but the issue continues to rankle. The Geopriv folks have prepared a proposal [1] that includes the ability to transmit user-defined rules along with the location information.

A recently published paper on Geolocation and privacy [2] says:

"But though these requirements are normative sections of the specification, they are not functional requirements that directly influence how the API works. None of these notices are communicated as part of API calls, and none of these requirements are enforced by the user agent (as a practical matter, it is impossible to enforce them, because the API does not provide any way in which this enforcement could be supported).

Instead, web sites are expected to use the HTML content of their own pages to make details about collection, usage, storage and access clear to their visitors. The specification does not detail any particular interface or language requirements and no de-facto standards exist. Web sites vary in their implementation of these rules and very often fall short;..."

The authors of the paper investigated 22 Websites that used the Geolocation API. They say "Out of 22 instances, not a single web site informed users of their privacy practices with respect to collected location data up front, that is, before they were presented with a prompt for their location. As a result, we suspect that virtually no users encountering the W3C Geolocation API are fully informed about the requesting site's information practices when they decide whether or not to reveal their location."

The paper does a good job of surveying the landscape of privacy policy and available privacy models. In the end, it makes four recommendations re. the Geolocation API. Two of these are very similar to the Geopriv recommendations:

- To be able to send location information at various granularities.
- Add functional requirements to allow machine- and human-readable notices to be sent along with each request for user location.

As an alternative they recommend the Geopriv model where privacy rules are transmitted along with the location information.

The New York Times article [3] on privacy research features the work of Lorrie Faith Cranor who was the chair of the W3C P3P WG. The direction they are taking is to write software to detect when information is being requested that would compromise privacy. When it detects this, a pop-up appears and warns the user who could abort the request. But this, too, would have to be implemented by the browser vendors.

Richard and Mark informed me that John Morris from the Center for Democracy and Technology was going to testify before the House Energy and Commerce Committee on Feb 24. They think (fear?) that Congress will impose some rules to protect privacy, like they did with VOIP and 911 calls and we will have to live with them for better or for worse.

So, I think this issue will continue and gather momentum. For example, OASIS has started a privacy management mailing list: privacymgmt-discuss@lists.oasis-open.org which is a preliminary to forming an OASIS TC.

As an architectural principle, sending privacy rules along with the data seems to be gaining adherents. Perhaps we can standardize on that.

[1] http://geopriv.dreamhosters.com/w3c/
[2] http://www.escholarship.org/uc/item/0rp834wf
[3] http://www.nytimes.com/2010/02/28/technology/internet/28unbox.html?ref=business

--
All the best, Ashok

Received on Monday, 8 March 2010 20:25:13 UTC