PING - informal chairs' summary - 11 July 2013 from Tara Whalen on 2013-08-21 (public-privacy@w3.org from July to September 2013)

From: Tara Whalen <tjwhalen@gmail.com>
Date: Wed, 21 Aug 2013 11:51:01 -0700
To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-Id: <EB553B51-0FA2-4262-9A61-6C06F07AA8AE@gmail.com>

Informal chairs' summary - 11 July 2013

Many thanks to Frank Dawson for providing us with an excellent overview of the Specification Privacy Assessment document.

Thanks very much to Joe Hall and Nick Doty for scribing.

The next call will be on 22 August 2013 at the usual time.

* Discussion of privacy guidance documents

The chairs noted that the progress on these documents has not moved forward as quickly as anticipated due to the workload of the Tracking Protection WG, in which many PING members participate.

- Fingerprinting Guidance for Specification Authors [Editor: Nick Doty]

[1] http://w3c.github.io/fingerprinting-guidance/

Nick Doty has made excellent progress on this document, which is intended to serve as guidance for specification authors about the privacy implications of browser fingerprinting. We discussed the fingerprintability of User Agent Strings and the possibility of identifying a user over time with a UA string plus IP address. It was proposed that PING gather use cases for UA strings (e.g. device optimisation) and consider in which circumstances their fingerprintability could be reduced. In particular, given that the entropy and fingerprintability of these strings has increased with their complexity, how might we reasonably reduce the fingerprintability without impairing their usefulness?

One suggestion was to decrease diversity that does not affect functionality. However, it was also noted that in the mobile area, US strings are widely used to understand what kind of device is being used as well as for access and authentication, so “it seems the horse if out of the barn”. Nick observed that every browser is now using Gecko.

We also discussed passive vs. active fingerprinting from the perspective of how easy or difficult it might be to address these types of fingerprinting. Active fingerprinting is more likely to be detectable even if not preventable and there are things that the user could do to prevent this type of fingerprinting (e.g. disabling JavaScript).

It was suggested that there should be some outreach to the larger community, to see who could provide insights into fingerprinting and/or as to what functionality would be needed across the browser; Nick will follow up with Joe Hall about some of the academic work, and email public-privacy and w3c-internal lists about working groups with knowledge of the usage of user agent strings. Rob kindly offered to help with the compilation of use cases for UA strings.

Feedback on the draft fingerprinting guidance is welcome and requested.

- Specification Privacy Assessment (SPA) [Editor: Frank Dawson]

[2] http://yrlesru.github.io/SPA/

This document seeks to provide a methodology for undertaking systematic privacy reviews of W3C specifications, and guidance for writing privacy considerations. Frank published this on github (with some assistance from Nick Doty and Art Barstow) and provided a thorough walkthrough of the document during the call. This overview generated a great deal of discussion among participants. This included a debate over the value of data flow analysis, which some found helpful for clarifying privacy problems, but there was also some concern over whether this approach sufficed to identify privacy issues in certain cases. Frank observed that he found the data flow approach helpful and that the PIA approach generally is getting a lot of support, but also acknowledged that this approach may be more for engineers who may not have a background in basic privacy theory (such as the Fair Information Principles). There was also discussion around the document's logic diagram that outlines whether or not a specific assessment is needed; Frank noted that engineers more readily worked with privacy when it was made more quantifiable and measurable. Also of note was a desire to not overburden specification authors with demands concerning privacy considerations, and to be as pragmatic as possible. It was suggested that the SPA might be tested by applying it to some specifications currently under review - namely, getUserMedia and Encrypted Media Extensions. The SPA document is under further development and further comments were solicited on the mailing list.

* Volunteers were requested for assistance on the three privacy guidance documents, as well as for getUserMedia [led by Hannes Tschofenig] and Encrypted Media Extensions [led by Wendy Seltzer]

Link to the minutes: http://www.w3.org/2013/07/11-privacy-minutes.html

Christine and Tara

Received on Wednesday, 21 August 2013 18:51:32 UTC