15:56:14 RRSAgent has joined #privacy 15:56:14 logging to http://www.w3.org/2017/04/20-privacy-irc 15:56:17 Zakim has joined #privacy 15:57:13 tink has joined #privacy 15:58:42 christine has joined #privacy 16:01:28 Hello all. Giving a moment for folks to join... 16:03:14 present+ weiler 16:03:28 scribenick: weiler 16:03:39 Thanks, Sam! 16:03:49 LCPolan has joined #privacy 16:03:51 present+ Léonie 16:04:03 present+ 16:04:06 present+ 16:04:11 present+ 16:04:15 present+ 16:04:20 present+ 16:05:06 npdoty has joined #privacy 16:05:07 nick are you on the webex? 16:05:35 I gave up 16:07:19 topic: UI events 16:07:50 johanes: Input Events.... editing appls that sit on top of browser. 16:08:27 https://w3c.github.io/uievents-code/ 16:09:03 ... idea is to provide a consistent event before anything has changed in text edittng area. 16:09:08 https://github.com/w3c/uievents-key/ 16:09:39 ... level 1: only for things e.g. formatting/menus. 16:09:49 ... level 2 includes that + character inputs. 16:10:14 q? 16:10:47 ... invites questions re: privacy implications. all of this is stuff that j/s already has access to, but it was impractical before. 16:11:01 ... keystrokes easiest now; context menu/touchbar harder now. 16:11:53 q? 16:12:17 q+ on fingerprinting 16:12:56 q+ 16:13:02 ack np 16:13:02 npdoty, you wanted to comment on fingerprinting 16:14:05 npdoty: re: fingerprinting. some things will be hard to mitigate (e.g. how users type certain words). will this reveal details re: keybaord layout? - that's very persistent, avail. across origins. 16:14:37 ... or touchbar configuration. 16:15:05 johannes: some characters only on certain (language) layouts. 16:15:45 ... ideas is to have more of abstraction. not say HW kbd v. soft kbd for example. 16:16:41 ... some have suggested ADDING this info. 16:17:36 ntdoty: we've talked to accessibility people re: this (e.g. did this come from a kbd or voice input)? 16:19:23 leonie: user population for voice stuff has grown; less identifying. 16:19:28 to be clear, we *haven't* talked to accessibility group, but would be interested in their expertise 16:19:45 [a larger "anonymity set"] 16:20:32 q+ 16:20:34 npdoty: this is a privacy impl. re: revealing some of users capabilities (e.g. ability to type or not). 16:22:06 christine: @@ 16:22:21 [+1 to Christine - note the privacy advantages as well as disadvantages in privacy considerations] 16:22:44 s/@@/Sounds like there are some potential privacy improvements in this - they should be noted in the privacy considerations section/ 16:22:51 ack chr 16:23:31 ack chaa 16:23:49 autocomplete library information is an interesting privacy question too 16:23:54 chaals: would be useful to do some testing w/ real input systems (e.g. predictive input systems / Swype) 16:24:57 johannes: w/ mobile devices, have less information. often guessing at user's intent. 16:25:20 zakim, who's here? 16:25:20 Present: weiler, Léonie, wseltzer, tara, keiji, johanneswilm, chaals 16:25:22 On IRC I see npdoty, LCPolan, christine, tink, Zakim, RRSAgent, tara, keiji, chaals, johanneswilm, anssik, weiler, terri, lukasz, wseltzer, plinss, dustinm, jyasskin, mounir, 16:25:22 ... schuki, adrianba, Mek, hadleybeeman, mkwst, dveditz, trackbot 16:25:31 was this useful? what's the timeline? 16:26:37 present+ christine, Lisa, npdoty 16:27:06 johannes: useful. chrome almost ready to ship. webkit has shipped or will soon. 16:27:18 and is the spec at CR? 16:28:05 chaals: no, but hoping for soon. still in fpwd exclusion period, maybe? 16:28:31 ... wanting wider review. thinking it's ready for CR. 16:28:41 zakim, who's here? 16:28:41 Present: weiler, Léonie, wseltzer, tara, keiji, johanneswilm, chaals, christine, Lisa, npdoty 16:28:44 On IRC I see npdoty, LCPolan, christine, tink, Zakim, RRSAgent, tara, keiji, chaals, johanneswilm, anssik, weiler, terri, lukasz, wseltzer, plinss, dustinm, jyasskin, mounir, 16:28:44 ... schuki, adrianba, Mek, hadleybeeman, mkwst, dveditz, trackbot 16:29:09 [Thanks Johannes for turning up] 16:29:15 topic: HTML5.2 16:29:54 https://lists.w3.org/Archives/Public/public-privacy/2017AprJun/0001.html 16:30:02 -> https://w3c.github.io/html/changes.html#changes HTML changes section 16:30:04 leonie: 6 incremental updates to 5.1 since Sept. we suggest focusing on the changelog. 16:30:55 ... how could we make reviews easier? (make changelog more useful?) 16:31:26 christine: for me, THIS (talking to us on this call) is the best. 16:32:34 chaals: walking us through the changelog... 16:32:36 this change log is definitely more useful than trying to read every github commit, say. but it's still a little tricky to understand the reasoning or implications 16:32:56 https://w3c.github.io/html/changes.html#changes-wd4 16:33:22 -> https://github.com/w3c/html/commit/3a0f88b79b68a219fa6b7a2f523e2fe731ab1cba change in security creator context 16:35:03 can you speak to "allowed to use"? 16:35:55 ... impacts possible from how users interact w/ forms 16:35:56 data: as a separate origin seems like a security/privacy improvement 16:37:30 -> https://github.com/w3c/html/commit/c309da8f13200e229aaa43a14f13793c8ad9ea49 commit for "allowed to use" 16:38:13 -> https://github.com/w3c/html/issues Open HTML issues 16:38:42 ... no label here re: privacy, but we do label other areas. 16:39:14 ... we haven't found many things that we thing implicate privacy 16:39:25 -> https://github.com/w3c/html/issues/369 describe ping attribute 16:39:29 leonie: there a label, mostly unused. 16:39:57 The "privacy" label on the HTML repo is not attached to any issues at the moment. 16:40:14 chaals: ping attr allows a link on a page to send a msg somewhere else. purpose is for user tracking. if we were to define that, you should look! was in html5; subsequently removed. 16:40:34 ... waiting. would be helpful to look at it now. 16:42:05 -> https://www.hixie.ch/specs/pingback/pingback pingback, used for blog references, not exactly what I am thinking of... 16:42:57 right, pingback is an entirely different technology 16:43:13 -> https://html.spec.whatwg.org/multipage/semantics.html#links-created-by-a-and-area-elements links, including a description of the ping attribute 16:43:13 we're talking about a ping attribute on an a element, I think 16:43:31 ... The @@ WG has PING in their specification. 16:43:57 ... if you follow a link, other links get told 16:44:35 -> https://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing explanations of what happens, and why 16:45:42 chaals: spec says user agent should tell user what it's doing. but what do UA's actually do today? 16:47:31 s/@@ WG/whatwg/ 16:48:04 q? 16:48:42 yoav has joined #privacy 16:50:20 npdoty: I can see where this makes sense for user, but if UAs are never are exposing this to user... may want to answer the Q of whether this is ever being implemented for the user's benefit before we standardize it. 16:50:31 +1 on determining what UAs are actually doing 16:50:42 s/makes sense/might make sense/ 16:51:13 I'm concerned that even though the reasoning should support the user, it's possible that it would just make it easier to add several tracking services to a link, all without the user actually understanding it 16:51:29 I'm glad that the WHATWG spec writes it as an explicitly optional feature 16:51:44 Leonie: may 26 is cutoff for CR. comments sooner appreciated. 16:53:11 chaals: would be helpful if PING could help of think re: what gets submitted w/ forms. what does it make sense to expose to a user? (e.g. not meaningless strings) 16:53:43 q? 16:53:49 I'm curious whether there has been any attempt to show *when* a page is communicating back to a server 16:54:11 -> https://github.com/w3c/html/labels/privacy Issues tagged as privacy 16:54:19 [and provide UA features to stop such communication?] 16:54:52 chaals: no. 16:55:08 [are there plugins that can do that, on a per-page basis?] 16:58:37 We're coming to the last two minutes... 17:00:22 chaals: should look at page-to-page messaging within the browser. follows same-origin policy, which might not mean much. 17:00:36 rrsagent, make log public 17:00:40 rrsagent, draft minutes 17:00:40 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:01:27 tara: Next call 18 May. 17:01:41 rrsagent, draft minutes 17:01:41 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:01:45 [Look at Service Workers, in the context of being able to know when information is being transferred - but the key problem is actually knowing what information is being transferred - is it just icons for the page, or privacy-sensitive information added by the user's interaction with the page. This is also the issue with forms, ever since they have been part of the web. 17:02:28 rrsagent, draft minutes 17:02:28 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:02:46 chair: tara, christine 17:02:58 yeah, it's Service Workers and more meaningful offline apps (and things like background requests) that made me bring it up 17:03:40 I think it will always be difficult to describe what information is being transferred (since it's so easy to obfuscate), but whether I'm connected or not is a sharper distinction that users might make choices based on 17:04:09 Sure, except without an understanding of what information has been gathered and is being transferred, that's pretty meaningless. 17:05:05 a request to service.example.com/update?feqad might be a hash of the user interaction patterns, or a request for the next meaningless comment that should appear now I scrolled 17:06:03 My phone shows me when data is going up and down, but it's almost useless even when I lock it down to a single page that is the only thing allowed to communicate… 17:06:16 …and I actually care enough to try and understand that. 17:06:35 [ref. wseltzer's comments about atypical users :) ] 17:06:48 rrsagent, draft minutes 17:06:48 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:07:25 title: Privacy IG meeting 17:07:26 rrsagent, draft minutes 17:07:26 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:07:48 rrsagent, this is Privacy IG meeting 17:07:48 I'm logging. I don't understand 'this is Privacy IG meeting', weiler. Try /msg RRSAgent help 17:07:59 zakim, this is Privacy IG meeting 17:07:59 got it, weiler 17:08:02 rrsagent, draft minutes 17:08:02 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:08:12 rrsagent, help 17:08:41 Meeting: Privacy IG meeting 17:08:45 rrsagent, draft minutes 17:08:45 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:09:17 s/title: Privacy IG meeting// 17:09:19 rrsagent, draft minutes 17:09:19 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:12:53 zakim, list attendees 17:12:53 As of this point the attendees have been weiler, Léonie, wseltzer, tara, keiji, johanneswilm, chaals, christine, Lisa, npdoty 17:12:55 rrsagent, draft minutes 17:12:55 I have made the request to generate http://www.w3.org/2017/04/20-privacy-minutes.html weiler 17:13:26 zakim, dismissed 17:13:26 I don't understand 'dismissed', weiler 17:13:30 zakim, go away 17:13:30 I don't understand 'go away', weiler 17:13:38 zakim, you are excused 17:13:38 I don't understand 'you are excused', weiler 17:14:00 zakim, leave 17:14:00 leaving. As of this point the attendees have been weiler, Léonie, wseltzer, tara, keiji, johanneswilm, chaals, christine, Lisa, npdoty 17:14:00 Zakim has left #privacy 17:14:09 rrsagent, leave 17:14:09 I see no action items