Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Privacy Principles 2024-02-26 #74

Open
torgo opened this issue Mar 12, 2024 · 2 comments
Open

Privacy Principles 2024-02-26 #74

torgo opened this issue Mar 12, 2024 · 2 comments
Assignees
Labels
REVIEW REQUESTED WD Working Draft. Not yet approaching CR.

Comments

@torgo
Copy link

torgo commented Mar 12, 2024

In the issue title above add the document name followed by the date of this request, then the date of your proposed deadline for comments.

  • name of spec to be reviewed: Privacy Principles

  • URL of spec: https://www.w3.org/TR/2024/DNOTE-privacy-principles-20240226/

  • Current Rec/Note phase? wide review prior to Statement

  • What and when is your next expected transition? from Note to Statement.. sometime this Summer

  • What has changed since any previous review? First formal accessibility review

  • Please point to the results of your self-review: I think this document does not appear to fit into any of the categories listed in the self-review, however I am happy to revisit if I'm wrong.

  • Where and how to file issues arising? Please fils issues on our repo https://github.com/w3ctag/privacy-principles/

  • Pointer to any explainer for the spec? I don't think this is applicable

Other comments: We are in new territory here regarding wide review of statement track documents so please feel free to let me know if you'd prefer to this review request to come in another form.

@torgo torgo added pending This issue needs to get a reviewer assigned to it REVIEW REQUESTED WD Working Draft. Not yet approaching CR. labels Mar 12, 2024
@Helixopp Helixopp self-assigned this Apr 17, 2024
@AutoSponge
Copy link

@torgo Really great content here. So many gems. I'd like to offer something that I didn't find in the document but that I think will help support other principles. It could be a separate principle (Data Minimization?) or augment "enable or disable ancillary APIs". Essentially:

(user agents) (API designers) Global opt-out and lack of consent should be indistinguishable to any website from a user agent that is not capable of presenting its user an opt-in or choice to consent.

The wording is difficult and it could even be "softer" and I'd feel it was addressed. Have the ability to globally opt-out could be used against early adopters to fingerprint them, among other groups. I'd like to see something that supports those "most vulnerable" folks. What do you think?

Thanks!

@matatk
Copy link

matatk commented May 1, 2024

APA WG is happy to sign off on this work; great stuff!

We're keen to hear your thoughts on @AutoSponge's comment above. We think this is an important question, but if you would like to publish an updated version of the Privacy Principles before it's addressed, we would support that.

If you'd like us to file @AutoSponge's comment directly as an issue in the document's repo, we can do that.

Minutes from APA WG call today

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
REVIEW REQUESTED WD Working Draft. Not yet approaching CR.
Projects
None yet
Development

No branches or pull requests

4 participants