W3C

- DRAFT -

Privacy Interest Group Teleconference

25 Jun 2015

See also: IRC log

Attendees

Present
christine, +1.613.304.aaaa, tara, +1.202.407.aabb, fjh, +1.646.283.aacc, WSeltzer, +44.793.550.aadd, Hannes, mike_oneill, Chaals, [IPcaller], Katie_Haritos-Shea, Simon, Lake
Regrets
npdoty, Karima
Scribe
Lake


<trackbot> Date: 25 June 2015

<christine> Hello Wendy, are you here?

<christine> A very big thank you!

<tara> Christine, have you set up the conference already?

<christine> regrets Karima

<tara> Scribe?

<tara> Thanks, Wendy, for doing logistics work!

<gnorcie> testing 123

<mike_oneill> thanks

This is Lake - actual first time on IRC!

<tara> http://www.w3.org/TR/2015/WD-mediacapture-streams-20150414/#privacy-and-security-considerations

<tara> Last call on this document coincided with our PING call.

<tara> Katie had provided comments previously.

<tara> Useful to have further comments at this stage.

<tara> Homework from last call :-) was to come ready to discuss this document.

MediaCapture status: comments from email list

-no comments

<tara> No comments on email list between then and now, but Joe and Greg (CDT) indicated that they intended to review.

<mike_oneill> +q

<wseltzer> scribenick: Guest77

<wseltzer> scribe: Lake

Mike O: raised concern with cross-origin passing

<tara> Mike: Device ID as drive-by identifier; fingerprinting threat, can be passed cross-origin

Greg: agrees with fingerprinting comment; "mixed content" - need stricter definition

<SimonRice> +q

<wseltzer> [Note that WebAppSec is working on Mixed Content spec -- and would welcome comments]

<tara> CDT comments: https://lists.w3.org/Archives/Public/public-privacy/2015AprJun/0079.html

<wseltzer> Mixed Content, in CR

Mike: any third party script can see IP address

'Not limited to a single origin'

<SimonRice> Section 9.3.1 Attributes references the use of persistent identifiers

<tara> Q: how do they protect device ID?

Q: How do they protect device IDs? Why should a platform know how many devices/of which class, without seeking authorization?

<tara> Christine: how do you know number of device/class of devices w/out authorization?

<christine> +q

Greg: Does consent carry forward across session? Do you have to revoke consent? Should be easy to revoke

Mike: Or built-in sunset with defined lapse period
... Don't want to rely on people to remember to go back to revoke/clear

Simon: Why wouldn't identifier change btw sessions?

<Zakim> wseltzer, you wanted to comment on permissions and to comment on mixed content

<wseltzer> http://www.w3.org/TR/permissions/

<tara> Wendy - two relevant specs - Mixed Content spec (see above); + Permissions API. Goal would be for other specs like Media Capture to use these as guidance.

Wendy: Mixed content spec and Permissions API - both aim to give guidance re: mixed content handling, permissions. Comments on persistence of permissions should also be directed to these specs
... pushback from browser developers - while they don't want to standardize UI, often using dropdown to control permissions

Christine: spec should go further - recommend platform developers don't use persistent identifiers
... indicate that permission is persistent?

Mike: interface should indicate that persistent permission is in use, with potential privacy risk

<wseltzer> [ some browsers have "door-hanger" notifications]

<SimonRice> Correction: The comment "interface should indicate that persistent permission is in use, with potential privacy risk" was from mike_oneill

Comments to be summarized to be sent to MediaCapture authors

<tara> https://w3ctag.github.io/security-questionnaire/

<tara> (Thanks, Christine, for filling in the background!)

PING to work with TAG on draft privacy questionnaire

<tara> Thanks Greg & Joe for work on this!

<tara> CDT comments: https://lists.w3.org/Archives/Public/public-privacy/2015AprJun/0068.html

CDT comments: compared draft to questions prepared by Nick; found largely focused on confidentiality, etc.

Pulled out privacy-specific list

Privacy section mirrors the security considerations section

To help people think about broader privacy questions

Need group input to flesh out privacy questions

<chaals> [+1 to having a privacy thing that isn't just an addendum to security issues]

<christine> +q

Christine: especially tricky issues/ new insights?

<SimonRice> +q

Greg: some issues hard to clearly slot as either security v. privacy

<mike_oneill> +q

Simon: data itself v uses of data; how use decisions impact individuals

Greg: doesn't really address as of now; could work this distinction in

<christine> +q

Mike: Security Qs don't address limits on persistence as of now; also should address same origin policy

<tara> Same origin policy limited in providing privacy guarantees

Mike: when you give permission to other 'principal', establishing relationship btw person and entity; should be discussed more

Greg: open to changing same origin language

<Zakim> Ryladog, you wanted to say (I cannot talk now) do we have questions about 'holding' and controlling data?

Katie: data controller responsibilities covered?

Should tell spec writers what responsibilities are for data controllers

Christine: Support this idea in principle, but what about legal responsibilities?

<tara> Christine: data controller language strays into legal requirements, which can be problematic for W3C spec

<mike_oneill> +q

<SimonRice> +q

<Ryladog> +1 to agree with you...but to identify that the technology developed have "a" responsibility

But, room to make recommendations for platform developers: 'don't use persistent IDs...'

<Ryladog> =!

<Ryladog> +1

Can achieve Simon's ask if frame in terms of data minimization, not legal responsibility

Mike: ISO standard could be useful; could import terms

<SimonRice> ICO Privacy Impact Assessment Code of Practice page https://ico.org.uk/pia and https://ico.org.uk/media/for-organisations/documents/1595/pia-code-of-practice.pdf

Simon: See annex 1 and 2; questions for new tech projects. Could help flesh out privacy questions

<christine> +q

<mike_oneill> where is it?

Christine: F2F PING meeting next month alongside IETF; who's attending? Could devote to questionnaire

<wseltzer> [I'll be there]

<wseltzer> Prague

<tara> Sadly, I will not be there.

PING's role/efficacy in the W3C

<christine> +q

Christine: Would like to have stronger impact on W3C work, through good, quick, consistent advice

And, through joint work with TAG

Questionnaire will go out at TAG finding

-as

Other suggestions, to help produce standards that are more privacy protecting?

<mike_oneill> +q

Wendy: Goal is to make privacy review necessary part of spec dev't

<wseltzer> ... and to bring people together to do that work

<wseltzer> ... Thanks to all who are working here!

<tara> Yes, thanks for all the pro bono privacy work!

Mike: ISO spec as starting point for common terms

Christine: useful to have common terms; common though for standards bodies to use their own terms. Terms need to be legible to W3C standards authors

<tara> Next call?

Next call: after F2F at end of July, or August?

<mike_oneill> bye

<tara> trackbot, end meeting

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.140 (CVS log)
$Date: 2015/06/25 17:15:42 $
