Privacy Interest Group teleconference

20 Sep 2012

See also: IRC log


+, Rigo, npdoty, fjh, spreibus, +1.510.701.aadd, tara, Dom, [Microsoft], joehall, Karima_Boudaoud, +1.207.756.aaee, christine, dsinger, MacTed, Frederick_Hirsch
Hannes_Tschofenig, Erin_Kenneally


<tara> Hi. For some reason, I can't get Skype to get me through the bridge - never get the prompt for the code.

<tara> But I am here on IRC and will do the best I can.

<npdoty> tara, note that the code is 1932 today, not the usual

<tara> I know - never got that far!

<npdoty> also, you might try calling in a few times, Zakim has been acting up the past few days

tara, keep on re-trying

<tara> Twice so far; will keep trying. Thanks!

I had also trouble from a normal phone, seems like there is another large conf going on

<Kboudaou> Kboudaou is Karima

<scribe> scribenick: rigo

scirbe: rigo

<christine> Regrets, Hannes Tschofenig, Erin Kenneally

Introductions of new members and guests

Presentation: Rigo, W3C Legal Counsel

<JC> JC Cannon, Microsoft, online privacy strategy

Christine Runnegar, ISOC

JC Cannon, MS

<npdoty> Nick Doty, W3C

Joe Hall, CDT

Dominique Hazael-Massieux, W3C

<spreibus> Sören Preibusch, U Cambridge

Frederick Hirsch, Nokia, Chair of DAP WG

<tara> Tara Whalen, Office of the Privacy Commissioner of Canada, PING co-chair

Mark Lizar, working on Open Notice

<npdoty> Mark Lizar, Open Notice effort

Mary Hodder: CustomerCommons.org

Permissions on the Web (Guest: Dom)

<christine> Yes chair apologies for the echo

CR: have a guest today, introducing Dom

<dom> http://www.w3.org/2012/Talks/dhm-privacy-www/

DHM: issue coming up in web platform, presented in WWW 2012, basic issue is that the more features we bring to the browser, the more risk we create in terms of privacy and security. Create a hole in the sandbox
... two WGs where this is salient: DAP and WebRTC Working Group. Want to start discussion on make the web as powerful as it needs to be and keep its privacy preserving capabilities
... classical issues: Making possible for web application to access camera on the device.
... creates privacy issues. Pages shouldn't get access to your camera, would open device to spying and surveillance
... one possible solution is to ask for permission, same issue for location dependent services

<spreibus> recently example of Web cam problem: http://news.bbc.co.uk/1/hi/programmes/click_online/9751569.stm

DHM: hard issue ot communicate the issue to the user on what thisis supposed to do
... difficult issues in terms of user interface. Even once you have obtained user permission. And you want the user to be aware that a permission is granted and active, how to do that
... classical issues of DAP
... there is no clear plan to make this future proof
... another issue is linked with fingerprinting. The more features youi provide, the better people can re-recognize your device. Again the camera and its resolution can be revealing, the codecs that is used, any number of capabilities, whether it has a flash or not
... in most cases not a problem, but if you do that on the web, it would be so much information to identify a browser uniquely
... again an issue that every group is facing. The more groups are facing it, the more fingerprinting becomes a palpable issue.
... is fingerprintting the wrong battle?

<npdoty> some people are debating whether fingerprinting is still a battle worth fighting or not

DHM: this needs a permissions model

<fjh> think about media capabilities requests for example

DHM: in many cases people want to have trusted applications that could ignore most of those issues
... some also linked to site-wide authentication, might want to share more information, non trivial problems
... once you get access to more private data, addressbook and calendar, you get more info that allows new types of attack
... creates tensions and difficulties. Some early solutions that emerge, web characteristics has some ??
... another different apporach, system application WG, that group is proposing to take all technology out of the browser context
... leaving aside all the issues on privacy and security. Taking an application logic, platform already provides those barriers, sidelining the issues by taking this platform? approach
... technical groups working on these issues. Went to F2F of the TAG, Unfortunately, the person caring left. Now want to find a person to drive this
... not only on privacy but also on security, mainly that touches W3C WGs
... perhaps someone from this group would be interested. Is a problem that was debated any number of times and there hasn't been a clear outcome so far
... Question?

CR: Excellent presentation

<JC> Rigo: When we discuss UI in tracking protection working group, browser vendors are not open to these discussions

<npdoty> rigo: when this comes up in Tracking Protection or other groups, it's often related to key UI issues

<npdoty> ... are browser vendors ready to talk about UI? that's often been a blocker in past discussions

DHM: UI remains something that browsers compete. So far the approach has been UI based. Not everything can be solved in UI, especially if htere is no solid foundation for the UI to drag on, Inconsistencies that come into play. Need a place where browsers can discuss
... communalities where they could aline
... expressing things to the user is UI, but problems go beyond

JC: do we know whether inconsistency is an issue for consumers

<JoeHallCDT> is JC asking for research results on cross-browser privacy confusion?

<npdoty> there may be some research on this question, if not explicitly with different browsers than with different software platforms in general

<npdoty> JoeHallCDT, yes, I think so, do you have a good source?

<JC> I was asking a general question not specific to privacy

DHM: Web Security UI WG worked on security indicator for browser, it was mixed experience

<JoeHallCDT> npdoty, probably… if we can refine the query a bit!

<npdoty> File->Open didn't require explicit standardization, though, so maybe we could use a lighter weight process to achieve those commonalities

CR: so far we have been unfortunate about UI standardization, but there are also other approaches, can they replace a focus on UI?

<npdoty> dom, are you referring to this doc: http://www.w3.org/TR/wsc-ui/ ?

ML: there is value in looking what possible solutions are

<dom> yes, npdoty

FJH: not everything goes into UI, compositing that mashes, red eye removal is a functionality somewhere on the web without user interaction
... is there informed consent? There is not always an UI

<Zakim> dom, you wanted to mention mobile as another issue with UI and to talk about help on fingerprinting

DHM: another reason why pure UI approaches are difficult is that on mobile devices screen real estate is reduced

<fjh> an example of not having a UI and not getting permission from the user is when you have a composite app that makes externally used apps transparent

DHM: mobile further complicates things
... group asked about finger printing, would be extremely useful if this group could explain what fingerprinting is and what the challenge is and present ways to mitigate while still allowing for deeper integration. I don't think there has been enough discussion so far, What about private browsing mode. It would be great if htis group could work on that

<npdoty> is the suggestion there input to various WGs about what they should keep in mind regarding fingerprinting as they develop new features?

CR: see your clear message to work on fingerprinting and have some good people to work on that

FJH: what question are we answering, we have to get the question right. many players and components, not privacy by design will help, people simplify and this is good engineering. Should we address limitations of service providers

<npdoty> I think JC had also mentioned the possibility of recommendations for deployments/developers and not just spec-writers and browser implementers

<JC> Yes

DHM: agree that finding the right question is part of the problem. On ISP, there are two kind of service providers. One is rather attackers that do not care about privacy, and good guys who lack guidance
... in practice we can not do much about attackers other than making their life as hard as possible and give them less data
... too little effort on service providers who want to do the right things.

<JC> Got it

<fjh> http://www.w3.org/TR/2012/NOTE-app-privacy-bp-20120703/

<dom> (settings work for expressing your preference, but doesn't work for reacting to permissions request AFAICT)

<fjh> what is the incentive to obtain implementation?

<npdoty> rigo: some research experience from PrimeLife about UI, that footsteps are very recognizable

RW: organize Workshop between the DAP and other WGs and the Privacy community

<fjh> maybe that is a rhetorical question.

I think we could organize one in Sophia

<dom> (I think a workshop in Sillicon Valley might actually be better to attract e.g. browser vendors)

<Zakim> npdoty, you wanted to mention November workshop

<JC> What do we do where there is inadequate regulation?

ND: wanted to talk about the workshop question. We are having a workshop end of November in Berkeley, Mostly taling about discussing about what to do after DNT, but may be one opportunity for people in the valley to discuss

<fjh> that is the next logical question

JC, I would start with tears

<dom> (I personally don't think that regulation is the only reward; making the Web a better dev platform is a pretty strong motivation for a number of vendors)

Coordinating and delivering privacy reviews of draft W3C specifications

<dom> [thanks for inviting me, I'll be going now]

<fjh> customers do value privacy I

<npdoty> thx dom!

<tara> Much thanks, Dom!

<npdoty> I think a lot of people in the community can benefit directly from consumer trust in the Web platform

<spreibus> Many thanks, Dom.

<Kboudaou> Thanks dom !

Navigation timing and Web intents suggested

navigation timeing: http://www.w3.org/TR/navigation-timing/

<npdoty> Web Cryptography has just published a first draft

Web Intents: https://dvcs.w3.org/hg/web-intents/raw-file/tip/spec/Overview-respec.html

CR: before going into this, wanted to discuss procedure more generally and how to organize review in a timely fashion

<tara> No - just got kicked off Skype. Back now!

ND: generally it would be great if we could do this. If htere are documents we can provide input to. In IETF the IAB has provided insight, there were lots of requests, but no right expertise in the WG, so faded away.
... we might want to make sure that we only work on documents where we have time and people

FJH: one question with web intents is that once you trust the origin the privacy barriers go low. This is related to explicit intents in WebIntents for example.

CR: thanks for explanation, not visible from title

<npdoty> I think just documenting the different concepts we have around trust for particular origins would be worthwhile

<npdoty> in some groups, we've been referring to an origin-pair as a useful privacy concept

CR: Introducing request wanted to ask for someone working on this

<npdoty> for Web Intents and Navigation Timing, do we have volunteers to help?

<npdoty> I might be able to review on Web Intents, though I have limited time

<npdoty> if someone wants me to help and wants to help me with that :)

CR: if this an issue of expertise? Or is is it generally to get involved in privacy reviews?
... no answer

<npdoty> move this discussion to the mailing list, +1

lets move this discussion to the mailing - list

Proposed candidates for PING review

Privacy considerations

CR: we had discussion in August on Privacy considerations and could include the issues that Dom raised.

<JoeHallCDT> the wall is listening, Rigo, unclear how to respond (talking for myself)

<npdoty> I think we may have a different group of people on the call this time than last time

<Fred> Hello all, thank you for the invitation. Is the CSP spec. something you think needs a review?

FJH: one issue is privacy in general. Should do "something" but has no normative impact.

CR: everybody tired but you get homework

<npdoty> 25 October for the next call? any conflicts?

CR: 25 Oct for a call

<spreibus> fine with me

<JoeHallCDT> wfm

<Kboudaou> fine for me

<npdoty> and it's just before TPAC

<npdoty> 18 October?

<tara> 25 is not optimall, but okay.

<tara> Um optimal. either!

18 October is the next call!

<spreibus> apologies for 18 Oct.

<fjh> regrets, 18 Oct

<npdoty> 18 October, any other major conflicts?

<fjh> s/COt/Oct/

<Kboudaou> me too: will not available on 18 oct.

CR: for homework, watrch for mail from Nick on Workshop in November. Would be good if we could develop a list of issues to discuss. Also should discuss requests for review from other groups. First is navigation timing and web intents
... should continue discussion on privacy considerations on mailing list


<spreibus> many thanks and bye bye -- see you on the mailing list

CR: Adjourned

<Kboudaou> thanks

<fjh> thanks

nick, will you link them from the PING page?

<fjh> s|s/Fred, rather web intent is the most urgent//||

if the script already executed I can't but I can do manual edits. Will do

Now I know why I'm the lawyer and you the engineer :)

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.136 (CVS log)
$Date: 2012/09/20 17:05:32 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.136  of Date: 2011/05/12 12:01:43  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/Dom/Dominique Hazael-Massieux/
Succeeded: s/Open Notes/Open Notice/
Succeeded: s/?? Customer comments/Mary Hodder: CustomerCommons.org/
Succeeded: s/??/Web Security UI/
Succeeded: s/intention/question/
Succeeded: s/Highlight it here/This is related to explicit intents in WebIntents for example./
Succeeded: s/Fred, rather web intent is the most urgent//
Succeeded: s/COt/Oct/
FAILED: s/COt/Oct/
FAILED: s|s/Fred, rather web intent is the most urgent//||
Succeeded: s|rragent, generate minutes||
Found ScribeNick: rigo
Inferring Scribes: rigo
Default Present: +, Rigo, npdoty, fjh, spreibus, +1.510.701.aadd, tara, Dom, [Microsoft], joehall, Karima_Boudaoud, +1.207.756.aaee, christine, dsinger, MacTed
Present: + Rigo npdoty fjh spreibus +1.510.701.aadd tara Dom [Microsoft] joehall Karima_Boudaoud +1.207.756.aaee christine dsinger MacTed Frederick_Hirsch
Regrets: Hannes_Tschofenig Erin_Kenneally
Got date from IRC log name: 20 Sep 2012
Guessing minutes URL: http://www.w3.org/2012/09/20-privacy-minutes.html
People with action items: 

[End of scribe.perl diagnostic output]