15:51:27 <RRSAgent> RRSAgent has joined #privacy
15:51:27 <RRSAgent> logging to http://www.w3.org/2017/06/29-privacy-irc
15:55:04 <weiler> weiler has joined #privacy
15:55:33 <barryleiba> present+ Barry_Leiba
15:56:00 <tara> present+
15:56:15 <barryleiba> meeting number: 316 409 766
15:56:19 <tara> Erm I didn't think you needed one? I reloaded the page and that prompt went away.
15:56:54 <chaals-o> chaals-o has joined #privacy
15:57:29 <weiler> present+ weiler
15:58:52 <tara> Boy I hope we are starting in a few minutes...
15:59:35 <tara> ICANN!
15:59:42 <christine> christine has joined #privacy
16:01:14 <keiji> present+
16:01:25 <chaals-o> present+ chaals
16:01:55 <Zakim> Zakim has joined #privacy
16:02:17 <weiler> present+ weiler, keiji, tara, Barry_Leiba
16:02:47 <weiler> present+ christine
16:02:59 <weiler> present+ chaals
16:04:15 <weiler> present+ npdoty, Peter
16:04:46 <beverloo> beverloo has joined #privacy
16:05:00 <weiler> scribe: christine
16:05:58 <barryleiba> ?
16:06:20 <tara_> tara_ has joined #privacy
16:06:35 <tara_> q?
16:07:30 <christine> Chaals: micro data, spec updated, hope to go to CR within the month
16:07:43 <christine> would like to hear from PING that the changes are sufficient
16:08:15 <chaals-o> -> https://w3.org/TR/microdata Microdata Working Draft
16:08:46 <christine> see privacy considerations section
16:09:16 <tara_> Push API : https://www.w3.org/TR/push-api/
16:09:28 <christine> overview
16:09:52 <tara_> Web Platform Working Group
16:09:54 <christine> peter (Google, Chrome, one of the editors of the API, also involved at IETF work)
16:10:20 <christine> added the security and privacy questionnaire answers to the repository
16:10:31 <christine> some interesting privacy areas
16:10:52 <christine> server cannot see content but size and frequency of interaction
16:11:00 <christine> largest concern (privacy)
16:11:30 <christine> used with notification API - website can send notifications to users (e.g. image) and might be able to get location using id delegation techniques
16:11:32 <fjh> fjh has left #privacy
16:11:57 <chaals-o> q+
16:12:04 <christine> in most browsers not available in incognito mode (not Chrome, but same as other Web APIs re persistent identifiers)
16:12:10 <tara_> ack cha
16:12:14 <christine> also not some other browsers
16:12:43 <christine> chaals: potential to tracker users through the notifications sent to users
16:13:04 <christine> peter: can be intrusive, part of the concern of the notfification API
16:13:26 <christine> in practice, mobile devices and desktop, do not disturb enables users to stop notifications
16:13:26 <tara_> Issue #258: Change Source of Push Service and Privacy Issues: https://github.com/w3c/push-api/issues/258
16:13:41 <tara_> See Change Source of Push Service and Privacy Issues: https://github.com/w3c/push-api/issues/258
16:13:42 <christine> peter: are there specific mitigations you would like to see?
16:14:17 <christine> chaals: essentially comes down to notification API rather than push API, also users might want to collect notifications in a less intrusive way
16:14:23 <christine> peter: provider priority?
16:15:10 <christine> chaals: not really .. more thinking in terms of in notification API implementation, enabling user to pipe notification into this bucket because I am busy doing something else (e.g. teleconference)
16:15:35 <christine> peter: our own experience (Google), introducing notification channels
16:15:47 <christine> one channel per website - gives users control
16:16:13 <christine> other platforms Mac OS, Microsoft are moving in similar directions - more control to users
16:16:27 <christine> from a spec point of view, not sure what could do for benefit of users
16:16:55 <christine> chaals: yes, one thing to say - be aware user may not get push in real time
16:17:16 <christine> like everything else on a mobile - not always true instant delivery and can rely on
16:17:29 <christine> peter; don't make any promises on timing of delivery
16:17:44 <christine> can't guarantee timing
16:18:47 <christine> nick: thanks for coming to talk to us - 2 or 3 things - users visible only option in the subscription, curious seems like an opportunity for privacy - can user agent enforce?
16:19:23 <christine> peter: the intention - push API is a delivery mechanism, doesn't not mandate what developers has to do - at least for first version
16:19:52 <christine> nick: it is a promise being made or UA making a mechanical decision
16:20:14 <christine> peter: in theory, uA may want to display different user prompts
16:20:31 <christine> in all today's implementations - push notifications
16:20:59 <christine> user visiable only property must be set to get the subscription
16:21:14 <christine> nick: are UAs implementing not deliver notifications when tab in background
16:21:31 <christine> peter: browsers does not need to running for notification to be delivered
16:21:53 <christine> nick: if use for background tracking, how enforce?
16:22:29 <christine> peter: mozilla - give a budget based on amount the user uses the website - subscription will drop and lose ability to deliver messages if
16:23:04 <christine> chrome is different - active vs. not active - ..
16:23:49 <christine> nick: seems the goal is to tell the user something is happening - background processing maybe should be written up in specification
16:24:32 <christine> peter: but there are valid reasns for receiving a notification in the background (e.g. calendar update) - but no implementation experience on how to handle from privacy point of view
16:24:45 <christine> nick: seems like then that that feature isnt ready yet
16:24:58 <christine> peter - yes why current implementations are user visible only
16:25:10 <christine> difficult to lock down the specification
16:25:26 <christine> nick: you are trying to think ahead for new cases
16:25:47 <christine> peter: yes, have use cases but not clear how to make clear to user that something has happened in the past
16:26:17 <christine> nicK; why separate method to find out if subscribed? why separate permission state method?
16:26:33 <christine> peter: 2 reasons: permission API was not ready when started this
16:26:54 <christine> websites show own method for notifications
16:27:11 <christine> nick: danger showing without permission state checked first?
16:27:28 <christine> peter: network call could take time ..
16:27:47 <christine> (apologies peter, I don't always hear you clearly)
16:27:50 <chaals-o> q+
16:28:15 <tara_> ack cha
16:28:33 <christine> chaals: if one service channels all your push stuff, what is the reaility of whether you can mitigate in any way?
16:28:44 <christine> peter: comes down to OS restrictions
16:29:03 <christine> don't allow apps to run continuously or if want have to use OS systems
16:29:06 <barryleiba> present-
16:29:07 <barryleiba> barryleiba has left #privacy
16:29:50 <christine> peter: understand not a satifiying answer
16:30:16 <christine> metrics from telefonica, persistently open connection up to 6% of your batter life
16:30:33 <christine> chaals: missing a unit here
16:30:54 <christine> peter: battery duration is decreased by 6%
16:31:39 <christine> chaals: if talk to performance wonks, seems like a big number, users do crazy things that have bigger impacts than that, if they want to move notifications around, would seem a small part of the budget
16:31:50 <christine> peter - no API that prohibits this
16:32:54 <christine> chaals: given that everything goes through a single server - whoever provides the services gets the metadata - time, frequencies, sizes, but packets are encrypted - but still quite a lot there
16:33:04 <christine> nick: one service per website or device
16:33:11 <christine> chaals: device
16:33:34 <christine> if a lot filtering, then the default service endpoint might not be available, e.g. in china
16:35:38 <christine> peter - based on current implementations - no interest to provide multiple backings to user but nothing in spec to prohibit - might want to make this clearer in the spec - but actual choice input service strikes me as a UA deicsion
16:36:05 <christine> chaals: if UA decision, privacy concern - choosing for you and routing through known point
16:37:00 <christine> a consideration if implmentations are done like that, they should be called out that way and explain if forced by OSs or a decision of the group as a trade-off on performance and is that trade-off right or arbitrary
16:37:13 <christine> explain constraints and implications is important
16:37:38 <christine> peter:spec cannot move blame to another actor, clarification is a good thing - would you iterate with me
16:37:47 <christine> chaals: happy to work with you on that
16:38:18 <christine> mulitple considerations go into this
16:38:19 <tara_> q?
16:38:46 <christine> tara: you went through the TAG questionnaire? feedback?
16:39:02 <christine> peter: quite easy to answer it
16:39:36 <christine> one q .. can reply offline - one q was unclear what it meant - rest was clear
16:40:04 <christine> end of July
16:40:28 <christine> thanks peter
16:40:52 <christine> apologies peter
16:40:59 <christine> it was hard to hear sometimes
16:41:21 <tara_> Screen Orientation API: https://www.w3.org/TR/screen-orientation/
16:41:39 <christine> leonie is looking for a review
16:41:47 <beverloo> christine: no problem -- thank you for taking notes!! the connection is not ideal from my side either.
16:42:18 <christine> tara: we need to provide a response
16:42:21 <beverloo> ""3.9 Does this specification allow an origin access to aspects of a user’s local computing environment?"" - it was not clear to us what "allow access" meant. Does the device's choice in push service count as this?
16:42:22 <tara_> Comments on Remote Playback API
16:42:34 <tara_> https://lists.w3.org/Archives/Public/public-privacy/2017AprJun/0025.html
16:42:47 <christine> tara: simon provided views and this is the response
16:43:08 <christine> we should look at the response
16:43:17 <christine> and see if it addresses the issues
16:43:23 <christine> see asks on mailing list
16:43:35 <tara_> PING at TPAC
16:43:41 <tara_> https://www.w3.org/2017/11/TPAC/
16:43:48 <christine> we have a slot
16:43:51 <tara_> We have a 1-day slot on Thursday 9 November
16:43:55 <weiler> q+ to discuss conflicts
16:44:08 <beverloo> "(apologies peter, I don't always hear you clearly)" (re: Nick's question) - websites sometimes show custom UI when the user has yet to make a decision in the UA's permission request UI. Calling subscribe() *may* ask for permission, and then makes a network request to the push service to create a subscription. Distinguishing between whether the user is still seeing the permission prompt and whether the subscription request is still in progress is impor[CUT]
16:44:25 <christine> sam - web security and web authentication at the same time
16:44:37 <chaals-o> [beverloo I think that the device´s choice of service provides access to user data, but not sure about the local computing *environment* ...]
16:44:50 <christine> need to coordinate and structure with those groups
16:45:07 <chaals-o> [... I think the issue there is can you get stuff processed, and I guess the answer is yes?]
16:45:10 <christine> q+
16:45:14 <weiler> ack me
16:45:14 <Zakim> weiler, you wanted to discuss conflicts
16:45:26 <tara_> ack weil
16:45:32 <tara_> ack chr
16:45:53 <tara_> Christine: Closer to the agenda creation, we can coordinate with those groups and have mini combined meetings
16:46:06 <beverloo> [chaals-o: yes, we settled on a careful yes]
16:46:20 <beverloo> [let's continue discussion on the PR (I'll share tomorrow) and/or the bug. I've got to run - thank you once again!]
16:46:20 <tara_> See if there is way to create way for their agenda etc to allow for them to attend PING
16:46:36 <tara_> Christine: may be better to bring PING to their meeting
16:46:42 <tara_> Thanks for bringing it up!
16:47:41 <tara_> Could add the conflict issues to the TPAC questionnaire
16:47:43 <christine> sam: also mention on TPAC questionnaire
16:47:52 <tara_> Watch out for Dreamforce conference - book early!
16:47:56 <tara_> (Is mentioned on the TPAC page)
16:48:33 <christine> micro data?
16:49:00 <christine> sam: trying to recruit security reviewers
16:49:20 <christine> are there people on the call or in the group that would be able and willing?
16:49:35 <christine> nick: how is that being organised?
16:49:54 <christine> sam: going to individuals and asking them if they will do something, not through web SIG
16:50:05 <christine> open q about when we do reviews
16:50:19 <christine> trying to do based on manually generated requests, for now
16:50:52 <christine> nick: my hope would be that there would be a group/list where we could have the results of that to lead to a more common tradition
16:51:13 <christine> do we want people to do GitHub or email or both?
16:51:35 <christine> chaals: sam, want you to do both - make sure there is a record in a forum of what has been down
16:51:38 <christine> done
16:52:04 <christine> and if can get reviewers to do that would be fantastic
16:52:23 <christine> nick: need to do more in privacy group
16:53:01 <tara_> Christine: would like that when we do questionnaire, in annotated section, put in some examples of success stories
16:53:22 <tara_> Example: Battery API with reduced granularity of info (data minimization)
16:53:52 <christine> nick: yes, good and bad examples
16:55:00 <tara_> Christine: Geolocation API -no interest for encrypted channel because rest of the world wasn't protecting the location data very well
16:55:06 <tara_> (as bad example)
16:55:24 <christine> christine ( not sure if I got that right)
16:58:23 <christine> let's use the wiki to document this
16:58:26 <christine> agreed
16:58:32 <christine> microdata
16:58:53 <chaals-o> -> https://www.w3.org/TR/microdata/#privacy-considerations microdata privacy section
16:59:50 <tara_> Very succinct!
17:00:36 <tara_> Next call: July 20 or 27th?
17:01:01 <tara_> 20th - bad choice (IETF & PETS)
17:01:17 <tara_> 27th better choice- pencil it in!
17:01:35 <tara_> Please check the Microdata privacy section, all.
17:02:58 <keiji>  RRSagent, make minutes
17:02:58 <RRSAgent> I have made the request to generate http://www.w3.org/2017/06/29-privacy-minutes.html keiji
17:03:20 <keiji> RRSAgent, make logs public
17:07:14 <keiji> rrsagent, leave
17:07:14 <RRSAgent> I see no action items