W3C

Pling Teleconference

12 Oct 2010

See also: IRC log

Attendees

Present
Renato Iannella, Rigo Wenning, Ashok Malhotra
Regrets
Thomas Roessler, Hannes Tschofenig, David Chadwick, Marco Casassa-Mont
Chair
Renato Iannella
Scribe
Renato (as Rigo reported)

Contents


First Report from Privacy and data usage control - Rigo

http://www.w3.org/2010/policy-ws/

<rigo> http://www.w3.org/2010/policy-ws/agenda.html

well attended

tbl was there for 2 days (!)

first day - Frederick Hirsch introduced DAP issues

absence of legal people

scribe: in the london workshop

real life issues from a telco....combine FB + AddressBook etc - real issues

everybody who as an AD and Web browser is a "data controller"

data protection directives....developers do not know the boundaries

need clear rules...good behaviour needed

EG: use of MAC address to find me....going beyond "expectations"

Nick Doty paper: simple policy negotiation mechanism

Suggestion: serialise P3P in JSON vocab - combine resulting semantics with Nick's work...

more research in UI....more guidelines....W3C needs to change the paradigm of the hand-off of the UI....

in Privacy...we (w3c) needs to more proactive and making UI more "aware"

Michael Hart paper: simple tagging system - resulting tag cloud was pretty precise

2nd Day - shaped by prez by Hal Abelson

<rigo> http://www.w3.org/2010/api-privacy-ws/papers/privacy-ws-37.html

Asks: "why are we doing all that"

Principle: I expect that this will not harm me....we need to protect these

EG: getting sacked for posting unsavoury photos on SN

Combine with Data Usage Rules - eg bar the HR dept from using this content

Solutions proposed by Yang + Jae (simple approach)

David Chadwick paper: lots of XACML work....complicated

Truth - in the middle

Market in the data-usage control (back end)

At the front end - market not so clear

How to get them to care?

Conclusion: propose a lightweight access to the API

What is the link between all these workshop?

<rigo> http://www.w3.org/News/2010.html#entry-8902

<rigo> http://www.iab.org/about/workshops/privacy

IAB workshop will be "broader"

IETF required a "security" section in all RFCs....perhaps need a "Privacy" section too...

Mac Address issue - rigo to post link to public-policy list

<rigo> http://lists.w3.org/Archives/Public/public-privacy/

MAWG Feedback - RI to respond - "we are not happy" - but will not hold u up....

Meeting closed

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2010/10/12 12:47:56 $