W3C

- DRAFT -

Privacy Interest Group Teleconference

01 Dec 2016

Agenda

See also: IRC log

Attendees

Present
wseltzer, tara, npdoty, weiler, jim_lim, lake_polan, mary_hodder
Regrets
Chair
tara
Scribe
npdoty

Contents

<tara> Oops - somehow WebEx kicked me off!

<tara> That is not helpful!

<tara> Ah - okay now.

<scribe> scribenick: npdoty

<tara> Requests for reviews:

<tara> Screen Orientation API

<tara> https://lists.w3.org/Archives/Public/public-privacy/2016OctDec/0030.html

<tara> IndexedDB API

<tara> https://lists.w3.org/Archives/Public/public-privacy/2016OctDec/0031.html

<wseltzer> warning, danger lies there

<tara> WebPref: https://lists.w3.org/Archives/Public/public-privacy/2016OctDec/0035.html

wseltzer: brainstorming on how can we get the privacy reviews done for these specs
... have talked to a few groups that need a real privacy/security considerations explanation in their specs
... that is, not just "there are no privacy or security considerations"
... as a small group, we have trouble keeping up with all the specs
... working on self-review guidelines and then review that just focus on their answers to those questions, could be a more rapid response
... and start talking with the person who did that self-review and knows the spec technically
... so that we can get into more detailed questions about cross-origin or sensors with that person

tara: 1) some specs we are getting people who provide the answers to the self-review questionnaire but more of that could improve the review; 2) late-stage specs that haven't looked at the questionnaire may be an issue

wseltzer: sure, 2) is more on W3C, and is getting spread with education and tooling
... for our reviews on these calls, could we get champions of issues to take the next step of reading and highlighting anything htat looks concerning

tara: we had tried to identify an individual who would solicit comments and move things forward

<tara> nick: it helps to have the groups fill out the questionnaire but there is more work to be done.

<tara> nick: reviewer does have to review the spec in some detail to find the relevant info

tara: +1, reviewer has to look at the spec itself, not just self-review responses
... to add their own level of analysis or catch issues

<tara> nick: when we have assigned people, have we followed up?

tara: we have had people who would manage responses, but had more of a problem that the group itself didn't contribute answers to compile

wseltzer: can we use Github issues as a way to put pressure on both the WGs and PING?
... e.g. open a privacy review issue that can't be closed without conducting a privacy review (either by PING or someone else, like a WG member), and PING can point out with comments if a review is not sufficiently detailed
... Github is where work is being moved. Director is asking for a disposition of issues at transitions, and groups typically point to their Github issue list

tara: in terms of getting the process happening earlier, is there anything formal / involved with Github, to get this to happen sooner?

wseltzer: having the questionnaires in better shape would help a lot
... questionnaire should point out that you should have a priv/sec section and it should address your responses to this (per dsinger)

npdoty: I only see a timeline request on 1 of the 3 requests that we're looking at
... can someone follow-up with those groups to ask about their timeline?

tara: Web Payments likely to come back with a group of changes in January

<wseltzer> [for example, I note that Screen Orientation doesn't even mention "privacy". that should be an automatic push-back.]

<tara> I will go track down deadlines.

https://www.w3.org/wiki/Privacy/Privacy_Reviews

npdoty: wiki is out of date, but it's becoming clear that as the review requests come in more quickly, we either need more volunteers within PING, or need to find ways for reviews to happen within groups

<wseltzer> https://github.com/w3c/screen-orientation/issues/96

weiler: how likely are we to get effective reviews from the group itself?

npdoty: it might be rare to get comprehensive reviews from the author or someone in the group already, but could get quite detailed expertise if they're willing to recruit security/privacy people from their own organizations to conduct a review

weiler: that suggests that maybe we should mention in questionnaires that they may need to ask for expertise not already within the WG

wseltzer: Web Perf a particular area of privacy concern because the focus of the APIs is to gather very detailed data, which could be used for fingerprinting and the like
... since they're currently revising lots of them, important that they at least have privacy considerations described
... in some cases just describing features that are already implemented
... privacy issues can either note that we can't recommend it as implemented, or note the privacy issues for potential implementers who can mitigate in some ways

User Data Controls in Web Browsers

wseltzer: can successfully point out research results that changed certain features

<tara> User Data Controls in Web Browsers

<tara> https://gist.github.com/mnot/96440a5ca74fcf328d23

tara: additional context on mnot's shared doc on user data controls?

wseltzer: Mark shared this document as an evolution from previous conversations with PING
... expanded from just private browsing modes to looking at different modes more generally
... describe those modes so that other specs can reference how they should behave in those different modes
... could adopt this as a PING note for ongoing work
... and could modify questionnaires/reviews to refer to this document and these modes more specifically
... another privacy review request from dsinger on VTT privacy/security considerations

<tara> npdoty: looking at IndexDb spec

npdoty: IndexedDB group refers to "clear browsing data" and how their spec's data should be handled
... and I think it would be useful to have a formal description/categorization of the different features across browsers, as opposed to refering to a single name of a feature

Browser Fingerprinting

tara: nice seeing our group note out there in the wild, being pointed to by Princeton researchers

:)

<tara> 1. status of document

<tara> 2. met with EFF folks about directions

<tara> Status: needs revisions to make it more actionable for people writing browser specs

<tara> What are common sources of fingerprinting (so people can easily identify them)

<tara> May also need to weigh pros and cons -- explicitly note that *these* are the factors that are the most concerning, to go into the weighing process

<tara> Intend to add them by the end of the year and get PING feedback

<tara> EFF feedback:

<tara> 1. Some fingerprinting work could benefit from prioritizing how we fix those issues.

<tara> Since some fingerprinting happens at implementation, versus specs, we can ID the bugs

<tara> Making FP detectable is helpful (sometimes prevented)

<tara> 2. Sometimes we are getting into UI/UX issues

<tara> Like - how much information is overload?

<tara> Might be helpful to have a meeting to discuss these user-facing issues -- write up some advice

<tara> 3. Coordination -- we talk about clearing information (e.g., cookies...) but also there is a separate effort in IETF space, about rotation (e.g., of IP address)

<tara> We might want to talk about these things at the same time.

<tara> If your IP address rotates at same time at the cookie, then they can be tracked together, but otherwise it may be equivalent to clearing.

<tara> So this is a place where we could coordinate layers and groups.

<weiler> ach weile

<tara> Sam: how might we cross that layer boundary?

<weiler> s/r//

<tara> npdoty: IAB folks had talked about number rotations; EFF can help link us up with folks working in that layer of the problem

<tara> Use our networks to connect these discussions.

tara: great, plenty of work to do there :)
... Privacy Questionnaire question out to Christine, who is currently managing that

AOB

npd has a workshop on January 12th

<weiler> Wendy and I are also busy on 12 Jan

<tara> Tentatively Jan 19 but need to consult with Christine.

npdoty: post-election responses?, besides our work still being important

weiler: might be a key recruitment point on encouraging participation in privacy/security and standardization

+1

tara will follow up on the list with decided time for next meeting

and follow-up on ongoing work items over the holiday

tara: thank you all for your hard work

trackbot, end meeting

Summary of Action Items

Summary of Resolutions

[End of minutes]
Minutes formatted by David Booth's scribe.perl version 1.148 (CVS log)
$Date: 2016/12/01 17:56:20 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.148  of Date: 2016/10/11 12:55:14  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: i/certain features/Topic: User Data Controls in Web Browsers
FAILED: s/ach weiler//
Succeeded: s/ach weile//
Found ScribeNick: npdoty
Inferring Scribes: npdoty
Default Present: wseltzer, tara, npdoty, weiler, jim_lim, lake_polan, mary_hodder
Present: wseltzer tara npdoty weiler jim_lim lake_polan mary_hodder
Agenda: https://lists.w3.org/Archives/Public/public-privacy/2016OctDec/0048.html
Found Date: 01 Dec 2016
Guessing minutes URL: http://www.w3.org/2016/12/01-privacy-minutes.html
People with action items:
[End of scribe.perl diagnostic output]