Culled from a recent exchange I had on Twitter, the following are some randomly ordered thoughts on privacy protection in Web applications/APIs intended for location-based services (LBS).
- we really don’t want each of N different location-aware applications on a device showing their own Nth-different “location sharing active” dialogs to users
- nobody questions the intentions of any of the proposed LBS privacy-protection solutions; they instead question whether the proposed solutions would actually have the intended effect if implemented
- there are legitimate concerns that some LBS privacy-protection proposals, despite intentions, would risk creating a situation ultimately harmful to users
- any proposal being advocated should be judged on its technical merit, not on its intentions
- advocacy is bad when it means continuing to dogmatically promote a particular well-intentioned-but-unproven solution even after that proposed solution has been legitimately and seriously questioned
- any effective solution must start with not trying to pressure (bully) browser vendors into implementing a particular proposal, but instead working with browser vendors (rather than in isolation from them) to develop a general solution that’s actually workable
- building a specific privacy-protection mechanism into one particular API is not a solution to the general problem of protecting user privacy across different classes of applications
- when legal requirements for privacy protection in applications are not in line with market realities and implementation/user practicalities and/or are not enforceable, the market is going to rightly ignore them
June 22nd, 2009 at 8:06 am
I feel a lot of anger and frustration in this list.
Some of the items seem fine to me. I would not have written them like this ;). I disagree strongly with the last one, not because of the rationale but the form. It’s an unproven affirmation. There will be cases where it will be indeed the case and some not. :)
About geolocation privacy, the issue has hit the fan already ;) Advertising the user’s location is one way to make aware the user (or users in developing countries) of a mobile device. Blocking access to the location is *not always* a solution either. Sometimes the solution will be in how long the data can be kept, sometimes the solution will be in how the data will be used.
Repeat after me 1000 times: It is not a privacy issue, but a lack (or very thin) opacity issue. The network makes the access to information very quick and easy. There’s no need or no use to block it. There is need to be able to slow down the stream at will.