The DAP Perspective

An Action-Packed Adventure

Robin Berjon, DAP co-chair, Vodafone

Frederick Hirsch, DAP co-chair, Nokia

W3C Privacy Workshop, London

2010-07-13

DAP — Device APIs and Policy

or Death to All Privacy?

the largest and most thorough assault on users' privacy ever undertaken by a single working group.

The Hit List

Chartered Deliverables

Giving arbitrary web pages (and widgets) access to a user's:

personal information
personal space
personal communication
personal system

Saving the Day

The Good Guys

Privacy and security by design
Policy framework for access to security-critical APIs
Privacy framework and considerations for all APIs

Dark Days

Are You Paranoid Enough?

Fingerprinting/footprinting
Code embedding
Connected runtime

Principles

How We Roll

No Bolt On: Privacy is like security, by design
Asynchronous security and privacy entry points
Data minimisation
Integration with common UI paradigms

Various Approaches Beyond Design

Mad Scientists?

Policy access control language
Privacy ruleset integration
User-mediated resource provider acquisition (Powerbox)

Join Us

And We Shall Rule The Galaxy

Refine and review use cases
Find the simplest, webbiest approach to privacy
We can use your help!

Thanks!

We'll Be Here All Week

Home page: http://www.w3.org/2009/dap/
Specs in progress: http://dev.w3.org/2009/dap/