- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Tue, 30 Dec 2014 19:37:51 -0700
- To: Daniel Appelquist <appelquist@gmail.com>
- Cc: TAG List <www-tag@w3.org>, Ian Jacobs <ij@w3.org>
Would it hurt to discuss liability? Website owners can't be held liable for content visitors contribute to their sites, why make them liable for the privacy of content visitors access on their sites? Isn't serving HTTPS taking responsibility for visitor privacy, thus incurring liability if that privacy is violated by a third party? (Assuming I mean implementing ubiquitous HTTPS for privacy, vs. just using HTTPS to collect data my TOS assures users won't be used. The latter is privacy I'm willing to guarantee. The former, isn't.) While that may be fine for large content providers (YouTube, banks) with legal departments, the equation is different for small businesses serving "brochure" content that doesn't need encryption. Does providing that encryption come with a liability cost, elevating the potential expense of hosting brochure sites to that of hosting bank sites? If so, is it an interim effect which diminishes with HTTPS adoption? Will HTTPS achieve enough ubiquity to mitigate this potential liability? Or, would this potential liability drive content providers to the likes of Facebook, at the expense of independent Web Developers? -Eric
Received on Wednesday, 31 December 2014 02:38:13 UTC