W3C Logo

Workshop Report
W3C Workshop on Privacy and User–Centric Controls

20–21 November 2014, Berlin, Germany


W3C gratefully acknowledges Deutsche Telekom, for hosting this workshop.

Deutsche Telekom

W3C also thankfully acknowledges the STREWS project and the PRACTICE project for supporting this workshop

strews logo

practice logo

Thanks also to the Mozilla Foundation for their Support

This workshop attracted extensive participation, including browser vendors, researchers, network operators, entrepreneurs, and government representatives.

There were a many excellent and informative papers submitted and presentations given, notably including warnings on how privacy concerns might become even more serious with eye tracking , insights on the future of mobile privacy , views on why the current explanations to users are inadequate , and insights on user interfaces and user management of privacy settings. There were also presentations highlighting the possible need for major changes to the internet, offering a rationale and new architectural view , as well as new approaches.

The group recognized that issues related to implementing and achieving adoption related to privacy and security may be similar to those for accessibility and internationalization.

The workshop accomplished the following:

  1. Participants documented and shared information
  2. The workshop initiated the process of building a community
  3. We synthesized questions to serve as the basis for further proposals and discussion
  4. A concrete set of next steps was documented.

Questions for further proposals and discussion

Bigger Picture Questions

These are questions related to the larger issues related to privacy and user centric controls

  1. How does user control relate to controls?
  2. Can we do more than minor tweaks?
  3. How can we address systemic issues with point standards, for example retention and re-use
  4. Is it possible to have both ads and privacy?
  5. How to enable choice, shift from consent to choice? Is this a legal issue only?
  6. Can we agree standardization related to a general approach to avoid consent dialogs?
  7. Is an incremental approach possible, and if so, what is the first step? Risk assessment or known need?
  8. How can community help each other; For example, what would help the Firefox OS community?
  9. Can we create better regulatory linkages?

Awareness Questions

These are questions related to what we can expect of user understanding and how to raise that understanding.

  1. What are the confidence inspiring metrics for security/privacy?
  2. Can we standardize metrics for security/privacy that inspire confidence?
    • enumerate sources, e.g. frequency, 2nd order effects, confidentiality/security
    • define calculation
    • relate to frequencies (e.g. how often is data collected), visibility (e.g. background tasks), 2nd order effects...
  3. Can we Standardize metrics meters UI (e.g. like Opera)?
  4. Are there cross-platform opportunities or other lessons from Lightbeam/Collusion?
  5. Can we standardize more and better means to make clear privacy consequences and risk/benefit tradeoffs to end users?
  6. How much of a user understanding privacy can be taken as a basis/assumption for controls

Usability Questions

These are questions related to how to create usable controls

  1. Can we agree on requirements and definitions of standardized user interface controls?
  2. Can we outline aspects of effective and usable UI controls?
  3. How to achieve simplicity with fewer, but more meaningful, controls
  4. What type of controls can users manage effectively and find useful. Which do not work? Can we document best practices.
  5. Define type of controls needed rather than layout; too early for standardization since implementers are still experimenting
  6. Users understand Private Browsing mode to include all aspects including online - work to make that a real standard

Next step Questions

These are questions about possible next steps and their priority.

  1. How much commitment is there to making a change?
  2. We know we have success when one can safely send a naked picture of oneself to a friend.
  3. Determine use cases for privacy in context
  4. Follow up with additional workshop
  5. Survey business models with respect to privacy applicability (example is DNT experience)
  6. Revisit P3P to reuse vocabulary definitions for JSON-LD type approach
  7. Create requirements for metrics and then terms, metrics and vocabulary
  8. Summarize user centric design use cases
  9. Document Best Practices for interoperability

Possible work flow:

  • identify use cases; then
  • Identify streams that could contribute to metrics & identify source of information; then
  • Review use cases where using these metrics for controls makes sense; then
  • Implement controls

Next Step Actions

The group devoted a session to discussing possible next step actions leading to the following summary. The group also discussed who might be responsible for these actions. Many were proposed for the W3C Privacy Interest Group, PING. For the security interfaces, however, people also talked about using the Web Security IG as a starting point for further initiatives in the area of security UX.

There was interest among participants of the workshop on joining PING (and the W3C) - information was shared on how to do this, as well as a brief overview of the W3C.

  1. Create a best practices document outlining type of controls that users can effectively use, reflecting experience and noting which do not work (W3C Privacy Interest Group, PING).
  2. Document use cases for privacy controls in context (W3C Privacy Interest Group, PING).
  3. Schedule follow up workshops to maintain community and to learn of new developments and ideas (W3C Team).
  4. Comment on new architectural proposals for new Internet (e.g. pEp) to W3C submission from pEp and others (W3C TAG).
  5. Survey business models with relationship to privacy concerns, alignment, issues etc (W3C Privacy Interest Group, PING).
  6. Revisit the use of W3C PING vocabulary as JSON-LD vocabulary (venue undecided).
  7. Identify use cases where metrics for controls make sense, identify data/information that could contribute to the metrics and identify the source of the information (W3C Privacy Interest Group, PING).
  8. Create Note defining terms and vocabulary relevant to privacy controls (W3C Privacy Interest Group, PING).
  9. Create a task force in the Security Interest Group to explore use cases for browser security interfaces.


This was a successful workshop which resulted in much information sharing, the creation of a nascent community and concrete actions to be considered in the W3C Privacy Interest Group and elsewhere.

The minutes, agenda including links to presentations and list of attendees is here:http://www.w3.org/2014/privacyws/agenda.html

The position papers and expressions of interest are here:http://www.w3.org/2014/privacyws/pp/Overview.html

Questions? Rigo Wenning <rigo@w3.org>