DASWG: Drop Ambient light sensor API for privacy and lack of implementer support #100
Comments
|
All privacy issues brought up to the group's attention have been documented [1] and reviewed with privacy experts [2] with additional mitigations specified [1] on top of the mitigations inherited from the Generic Sensor API [3]. These additional mitigations have been demonstrated [4] to be effective in a real-world scenario. The latest version of the Ambient Light Sensor API has implementer support [5]. Multiple experimental implementations of the earlier version of the API [6] informed the development of the additional mitigations in place in the latest version of the API. The DAS WG is commitment to security and privacy focused and use case-driven specification development and believes ceasing this work would be considered harmful. [1] https://w3c.github.io/ambient-light/#security-and-privacy |
|
Please don't stop this work. It is a very important feature for us and the privacy issues have been addressed from our perspective. |
@Joe-Palmer Would you say more about why it's important for you (and your users)? What does it enable that cannot be done in other ways? |
|
Thanks for asking @samuelweiler 👍 Basically, the inability to determine the ambient brightness has a negative impact on user experience of our service in some cases when used within a browser. I wrote a detailed description of our use case here: w3c/ambient-light#13 (comment) The only other way to determine the ambient brightness is to read the values from the camera settings after auto exposure has taken place (which is the technique we use in our native SDKs). However, this is currently not possible within a browser as being discussed here: w3c/mediacapture-image#209 Considering all sensors, our view is that the ALS is most similar to the motion sensors (although arguably provides a lot less information, especially with the new mitigations in place) so should follow the same permissions model which is to be enabled by default (to prevent dialog box fatigue) but be easily disabled for those who want to. I'm very happy to provide more details on anything if helpful. Thanks for your consideration. |
|
The Director has approved the Devices and Sensors Working Group charter, and took into consideration the input from an experiment conducted by the Advisory Board and the TAG and decided that a chartered Working Group was best suited to address these concerns. These concerns will not be ignored but the discussion should be moved into the individual specification issue tracker where the concerns can be addressed. Moreover, the Director recommended this document be republished as a Working Draft, with a Changes section. See https://lists.w3.org/Archives/Member/w3c-ac-members/2020OctDec/0034.html (member-only link) for the Director's decision. |
|
Not sure where I should be writing this but please redirect me if this is not the place. I work for a company that is very concerned with detecting fraudulent images. Part of this fraud detection requires the use of exif metadata like the camera settings. We use WebRTC so we can include overlays and use character detection. It would be extremely valuable to us and our users to have this feature implemented. Is there any other information I can include to help this case? |
|
@brianhumphreys I think the best place to provide feedback and use cases would be w3c/ambient-light#64. |
Per DAS charter feedback: On the the grounds of privacy, and given a lack of implementer support, we would like the Devices and Sensors Working Group to cease work on the Ambient light sensor API and see it published as a Working Group Note instead.
cc: @dwsinger @pes10k @marcoscaceres
(Originally published at: https://tantek.com/2020/188/b3/das-drop-ambient-light-sensor-api)
The text was updated successfully, but these errors were encountered: