At the end of Friday's meeting I was given an action to draft a note
that the TAG may want to send to the DAP WG,
the Geolocation WG and possible others. I don't know if this was
recorded as a formal action as we were in the process of adjourning. I
have nevertheless prepared a draft for the TAG's consideration. See below.
I will miss 3 telcons due to vacation, etc. If the TAG can agree on the
wording, as below or suitably amended,
feel free to send the note. Please copy Rigo Wenning and Thomas Roessler.
Draft TAG Note Re. User Policy
The W3C Policy Languages Interest Group maintains a Wiki which contains
real world cases where personal information has been compromised due to
inadequate policy or poor/nonexistent enforcement:
http://www.w3.org/Policy/pling/wiki/InterestingCases. One of these cases
describes how Virgin Mobile used photos that it found on Flickr in a
national advertising program. The photos appeared on large billboards,
much to the surprise of the owner and the subject.
In the public mind, issues related to the management and protection of
user information in Web Applications, Device access over the Web and
Services provided over the Web loom large and must be addressed. The
TAG, therefore, urges WGs working in these areas to include in their
architecture the ability to include policy information to control access
to user data, retention of user data and related concerns. It should
be possible to include policy information in API calls in a flexible
manner, perhaps using an extension mechanism.
There has been some dialog in this area. The IETF GeoPriv WG has
requested the W3C Geolocation WG to add additional support for user
privacy. See:
http://lists.w3.org/Archives/Public/public-geolocation/2009Aug/0006.htmlThere is a discussion thread on this subject on the Geolocation Mailing
list:
http://lists.w3.org/Archives/Public/public-geolocation/2009Jun/thread.html#msg98
--
All the best, Ashok
