[privacy] Updated "Web Applications Privacy Best Practices" editors draft from Frederick.Hirsch@nokia.com on 2012-06-19 (public-device-apis@w3.org from June 2012)

From: <Frederick.Hirsch@nokia.com>
Date: Tue, 19 Jun 2012 22:03:19 +0000
To: <public-device-apis@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <8E282181-DD33-4E15-AFDD-DAA5A00B1250@nokia.com>

I have updated the "Web Applications Privacy Best Practices" editors draft to add a new best practice on active consent.

See <http://dev.w3.org/2009/dap/privacy-practices/> (Note you may have to empty the cache if previously loaded, to update the references)

The new practice reads as follows (practices have been renumbered):

[[
Best Practice 6: Active consent should be freely given, for specific data, and be informed.

Active consent is where user action is taken to also give permission, avoiding the need for consent dialogs. Such active consent should be freely given, for specific data, and be informed. Thus the user should be able to cancel the operation, know which data is shared, and have adequate information at the time of the action regarding the intended use of the data [CONSENT-EU-WP187]. The web application should provide the user with information on intended use in conjunction with device API usage.

Examples of active consent include selecting contact fields to share, electing to create a picture by clicking on the camera shutter, and so on. Active consent can improve usability and be less disruptive than consent dialogs, and can also meet privacy requirements if appropriate criteria are met.
]]

The new informative reference is

[CONSENT-EU-WP187]
WP189, Opinion 15/2011 on the definition of consent. EU Article 29 Data Protection Working Party, 01197/11/EN WP187. 13 July 2011. URL:http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp187_en.pdf

Background material is available in this document shared earlier: <http://lists.w3.org/Archives/Public/public-device-apis/2011Oct/att-0091/dap-privacy-wp187.pdf>

Please indicate any suggestions on the list.

Given that this Best Practices document was last published 4 August 2011, I think it is now time to publish as a WG Note, including this addition, and I suggest we start a CfC to agree on this publication.

Thanks

regards, Frederick

Frederick Hirsch
Nokia

This should complete ACTION-470

Received on Tuesday, 19 June 2012 22:04:04 UTC