- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Wed, 7 Apr 2010 08:37:27 -0400
- To: ext Alissa Cooper <acooper@cdt.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, W3C Device APIs and Policy WG <public-device-apis@w3.org>
Alissa Thanks for this revision, to summarize to see if I understand: 1. Removed categorization of requirements since you suggest this document should be focused on what impacts API directly, as opposed to the content of policy itself or user defined policy. Thus this is now roughly limited to UA-Functionality. This gives the document and work more focus, which I think is good. 2. removed use cases due to the change in focus. However, I wonder if this is always appropriate, since for example the minimization use case demonstrates a case where the API should be able to return minimal data, etc. 3. Changed the table from "information with data" to "user expectations", which does not imply a solution, appropriate to requirements. Changed "sharing" to "disclosure" (same intent?) What next steps are needed for APIs for notice, consent, control and access? Will notice be handled by the commons privacy license idea? Maybe we should capture what is removed in a new User Policy Preferences document now, so it isn't forgotten? I updated the editors draft with this revision, see http://dev.w3.org/2009/dap/privacy-reqs/ Previous versions are visible in the CS history http://dev.w3.org/cvsweb/2009/dap/privacy-reqs/Overview.html (previous version at http://dev.w3.org/cvsweb/~checkout~/2009/dap/ privacy-reqs/Overview.html?rev=1.8&content-type=text/html; %20charset=iso-8859-1 ) Frederick Hirsch Nokia On Apr 6, 2010, at 5:43 PM, ext Alissa Cooper wrote: > I've tried to streamline the privacy requirements document per > ACTION-153 (I think this also closes out ACTION-112 that I took at the > F2F). The text attached below reflects a number of changes: > > -- I removed the use cases, since they were about user and > application > policies, not about API requirements. I think we will be able to use > them later when we get to defining how the user expectations/ > preferences/policies will work. I also removed the discussions under > the individual privacy elements that were about policies rather than > API requirements. > > -- I re-ordered the remainder of the text so that it's more clear > which pieces of the privacy work are going where. > > -- I changed the table that shows the breakdown of how we're dealing > with the various elements of privacy, and I added in the ones that > were missing from the table. > > I tried not to alter much of the text otherwise. John and I definitely > have some more substantive issues with some of the language in this > doc, but for the purposes of streamlining I mostly left the text as it > was. He and I will send comments to the list about our outstanding > issues (before or after FPWD, as appropriate). > > I know this is a little late for the Wednesday call, but if it's > possible for one of the editors to post the text below, it will be a > lot easier to read (I don't have editorial access). > > Cheers > Alissa > > > <privacy-reqs-01.html><ATT00001..txt>
Received on Wednesday, 7 April 2010 12:38:39 UTC