Privacy Interest Group

28 Jul 2016

See also: IRC log


wseltzer, tara, weiler, christine, Andrey_Logvinov, Barry_Leiba, marta, mikeoneill, terri
Tara and Christine


<scribe> scribe: weiler

<scribe> scribenick: weiler

tara: newcomers, please introduce yourselves.

Barry Leiba: work for Huawei; IETF veteran.

<npdoty> agenda here: https://lists.w3.org/Archives/Public/public-privacy/2016JulSep/0010.html

Andrey_Logvinov: Yandex, working on wake lock API

Craig Spiezle: <inaudible>

Mike: wants to talk re: an issue in webappsec

Wake Lock API privacy considerations

tara: introduced Andrey to talk about wake lock API

<tara> https://www.w3.org/TR/wake-lock/

andrey: concern that lock can keep screen awake and burn battery. other things (video) do this, too.

barry: what's the privacy issue?

<npdoty> presumably the hidden video hack is a bug, not functionality to maintain

<tara> https://github.com/w3c/wake-lock/issues/78

andrey: no privacy issue. but another device could see that the device is awake. could create a side channel. Not sure if danger is real.

npdoty: other APIs have some limitation re: "only applicable when the screen is on", so as to prevent surreptitious / background abuse.... geolocation, camera/microphone.
... if they can keep screen on w/o user realizing it, could have implications for these other APIs

andrey: is it correct that APIs should not be allowed to wake device/screen -- they just prevent locking, they don't enable wake. right?

npdoty: my concern is that keeping a wake lock that keeps the screen on might make it easier to extend other API capabilities in unexpected ways

<wseltzer> Secure Contexts

wendy: is this a feature that should be available only in secure contexts?

andrey: maybe

<npdoty> christine++

<Zakim> wseltzer, you wanted to ask about secure contexts

christine: latest version of spec talk basically re: battery. need to thing about nick's concern... there are privacy implications. users may not be aware of background tasks e.g. tracking location because wake lock has been enabled for other applications. need to think re: wendy's Q.
... cross-origin linking: not sure if that's a risk or not. should look at it.

andrey: something we should consider.

tara: to andrey: any other questions for the group? looking for comments by end of Aug?

<marta> can you resend the link please?

<npdoty> do you have any particular questions for us?

<npdoty> Wake Lock API editor's draft is here: https://w3c.github.io/wake-lock/

Andrey: no further Q. (no comment on deadline.)

<marta> I can do it

christine: would someone on call take task to compile PING's feedback to group re: privacy considerations?

<npdoty> can we get the deadline for comments in the minutes?

tara: vibration API - deferred.

Fingerprinting Guidance for Web Specification Authors

<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2016JulSep/0016.html

npdoty: made some updates on fingerprinting guidance doc over the last month.
... big changes, trying to address comments received: title [is that such a big change?], added examples,

<tara> Re: Wake lock - email list said "We would appreciate to receive your feedback before the end of August"

<tara> "the preferred method for feedback is to file issues in our github repository: https://github.com/w3c/wake-lock/issues"

npdoty: (e.g. re: battery status, sensors, proximity, flash plugins, ...), updated research section.

<npdoty> https://github.com/w3c/fingerprinting-guidance/issues

npdoty: everything else was clarification/wording.
... seven open issues. edits to date address five. need input on two. asked TAG for input on their comments.

<mikeoneill> q

npdoty: if this group agrees on the "pending review" items, we can close them.

mikeoneill: @@ ... protocol has a header origin policy. server says "random", and client bounces it back. spec says that rules of third party header should follow cookies
... if interested in this, looks at webappsec. does this need to be talked about? e.g. should there be an API so user can see if fingerprinting is happening?

<npdoty> http://w3c.github.io/fingerprinting-guidance/#clearing-all-local-state

npdoty: this keeps coming up. might be moved to a different doc. heard two suggestions: #1 should avoid unnecessary new mechanisms. #2 enable clearing at the same time as cookies
... don't think users care re: difference

mikeoneill: info should be there for browsers to offer privacy add-ons. @@ .. if recommendation comes out for a a new API re: fingerprinting risks, it should covered by permissions API.

npdoty: you can control your user agent w/o an API
... could you review this section of the doc? it's not making UI suggestions now; maybe it should.

mikeoneill: I'll look over the weekend.

tara: recap: you're waiting for comments on a couple of issues, and want us to review the rest.
... privacy questionnaire.

Privacy questionnaire

tara: christine not answering, so moving on.


<tara> https://github.com/w3c/encrypted-media/issues/221#issuecomment-233498615

<tara> https://w3c.github.io/encrypted-media/#privacy

<christine> apologies all - computer crashed

tara: joe hall says that EME is going to PR in a few weeks. privacy section has been fleshed out. they'd like some review. if you missed that, I'm sure they'd appreciate comments - don't wait to joe to ask.

<npdoty> EME has a very lengthy priv/sec considerations section, which looks interesting and will take some effort to review

Fingerprinting Guidance for Web Specification Authors

chrisinte: we asked the IAB if they'd like to give up any feedback

Privacy questionnaire

christine: I'm hoping things will be quieter in august, so I'm going to try to shepherd our work on this (which is not the same as the TAG's self-review questionnaire). Nick/Greg had input. Wendy moved the draft to github.

<wseltzer> https://github.com/w3c/ping

christine: expect to hear gentle encouragement next week. thanks to barry, Kathleen(?), Joe Hall for volunteering to be maintainers for self-review questionnaire.
... will use github for that.

<npdoty> sorry, is that github repo to be used for multiple documents?

<wseltzer> The TAG Privacy/Security Self Review


<tara> 1] https://github.com/w3c/webrtc-pc/issues/687

<tara> https://github.com/w3c/webrtc-pc/issues/688

tara: Stefan from WebRTC has added some responses to our comments.

<tara> https://github.com/w3c/webrtc-pc/issues/689

<tara> https://github.com/w3c/webrtc-pc/issues/690

tara: four issues that they'd like for us to look at.
... this hasn't gone to the group yet.

christine: volunteer to respond to these?

<christine> q_

nopoty: confused: are these things we already raised?

tara: they responded to two of our issues w/ suggestions and others are Q to us.

mike: deadline?
... I'll look over the next week
... what happened over media streams (fingerprinting issue)?

npdoty: this doc is now separate from media streams doc. at least a couple of these issues are more relevant to media stress so have been closed on this doc.


<npdoty> it looks like gnorcie was already involved in many of these threads, so joe and greg may be able to handle further discussion on those

<wseltzer> https://www.w3.org/2016/09/TPAC/

tara: we have a mtg on 20 Sept; it does not overall with webappsec this time.

<wseltzer> remember to register!

christine: we need to plot our agenda. I will not be there. If we work on privacy questionnaire before then, could make progress there.

<npdoty> is remote participation feasible for that meeting?

tara: welcome agenda suggestions. want to use our time effectively.

<npdoty> +1 for webex/phone at TPAC, thanks

christine: Kepeng asked if we could change the time of our call.
... proposal is 1400UTC

<npdoty> what about 9 hours earlier, rather than 2 hours earlier?

barry: the people with the issue may not be on the call. fine with me.

wseltzer: hard to accommodate global participation in conference calls, but we try. but Kepeng did cite time.

craig: I'm west coast and don't mind 7am. some of my WGs alternate timezones.
... 3/4pm west coast, sometimes. we have people in australia.

<npdoty> 7am Pacific Time is rough for me; I would typically prefer a midnight call, but alternating seems like one possible compromise

<wseltzer> https://lists.w3.org/Archives/Public/public-privacy/2016JulSep/0018.html

christime: nothing to report from IETF. sent out a summary; it had some suggestions of things we could do as a group. e.g. 2x calls/months: one for reviews/docs, one for information sharing. could try to get researchers to give seminars

<wseltzer> ^ notes from PING@IETF

christime: could extend invites more broadly. could have a PING blog.
... should we form a task force to standardize incognito/private browsing mode?

<npdoty> these sounds like cool activities, if we have enough active interest/participation in doing them

mikeoneill: we could take a more active role in giving input to APIs in earlier stages of their development

weiler: (back to mtg time) we could try an experiment. seems to be some support for alternating.

<christine> 25 Aug works for me

<npdoty> 25 August works for me too

tara: next call on Aug 25

<npdoty> (if we want to start alternating or fortnightly calls, should we look for mid August or mid September?)

<barryleiba> Thanks, everyone

tara: may look at 2nd call starting in September
... probably not change time this time, but will consider and announce it.

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.144 (CVS log)
$Date: 2016/07/28 16:58:11 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.144  of Date: 2015/11/17 08:39:34  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/Logvinov:/Logvinov: Yandex, working on wake lock API/
Succeeded: s/that lock and/that lock can/
Succeeded: s/is is/ is it/
Succeeded: s/@@/my concern is that keeping a wake lock that keeps the screen on might make it easier to extend other API capabilities in unexpected ways/
Succeeded: i|https://lists.w3.org/Archives/Public/public-privacy/2016JulSep/0016.html|Topic: Fingerprinting Guidance for Web Specification Authors
Succeeded: s/want/wait/
Succeeded: s/@@/Kepeng/
Succeeded: s/participation/participation in conference calls, but we try/
Found Scribe: weiler
Inferring ScribeNick: weiler
Found ScribeNick: weiler
Default Present: wseltzer, tara, weiler, christine, Andrey_Logvinov, Barry_Leiba, marta, mikeoneill, terri
Present: wseltzer tara weiler christine Andrey_Logvinov Barry_Leiba marta mikeoneill terri
Got date from IRC log name: 28 Jul 2016
Guessing minutes URL: http://www.w3.org/2016/07/28-privacy-minutes.html
People with action items: 

[End of scribe.perl diagnostic output]