Present: Dan, Pete, Wendy, Robin, Don, Christine Regrets: Amy
Privacy Principles A11y feedback
Dan: Discussing APA feedback, in particular thinking about making the doc more accessible to readers. Maybe start with principles then adding depth. (This is feedback we've received a few times, not A11y specific.)
Dan: They suggest some wordking...
Jeffrey: we've talked about this... it's in the design principles... (After this piece of the discussion, Jeffrey found "A web app should not be able to distinguish between the user rejecting permission to use a sensor/capability, and the sensor/capability not being present.")
Pete: we should be careful - there are places where we want affirmative "no"s for legal purposes.
Jeffrey: Good point. We don't want the site to retaliate against people who said "no".
Don: trend of plug-ins that will nag you if you DON'T have the privacy settings turned on... we want to make it harder for sites to collect info that will help them put extra work on users.
Robin: why can't we all just get along?
Jeffrey: I think there is space to say something to spec authors here.
Dan: separate principle under non-retaliation?
Jeffrey has filed #418
Robin: do we want to block on that?
Jeffrey: I think back burner is fine.
Wendy: modularity and composability don't appear anywhere in our doc - and these are sometimes in tension with the higher-level protections... Not asking for any changes to the doc.
Dan: i18N feedback: w3c/i18n-actions#85 (comment)
Dan: so i18n are looking for a name check...
Robin: we've had this conversation -- half people say one thing half say another... I think we should just go for it?
Dan: OK
Dan: next step is to ask the team to send a WBS to ask for approval to move to statement. We need to say we've addressed horiz review feedback. I think we have and can show that.
Robin: I want to ship! Happy to help.
Robin: triage of the remaining issues... that are not back burnered?
we agree that Robin and Dan will work on Friday on writing and sending a transition request, pending resolutuon of a few additional issues
we agree to close
we agree overtaken by events, closing
it's going to be taken up in societal impacts questionnaire so closing
Jeffrey: still something interesting... interesting tension still exists... applicable to EME as well... on the other hand, we talked about moving UA duties to 2nd doc... happy with either back burner or close.
we agree to put in back burner
Pete: i think we discussed this somewhere else... Will review async.
Robin: close all the copy-edit issues, any objection? We've done lots of copy editing. [no objection]
Christine: don't think this needs to be open
Robin: agreed
no objections, we closed
Robin: i can remove appendix B
agreed
Robin: we decided to do more.. can we back burner?
agreed
Jeffrey: Don already did a PR for this so going to close.
agreed
Robin: 363 has merged
Jeffrey: I think we can close.
agreed
Robin: the PR has landed...
Pete: fine closing it.
Jeffrey: we added API designers ... no objection to close
agreed
Jeffrey: edited... PR369 ... was merged... marked backburner
Christine: there's no perfect definition
Jeffrey: works for me
Pete: fine to close, though I still feel it's not useful to say "everything may be sensitive"
Don: some feedback to this document was yes sensitive info but there is also commercial information that we want to process that isn't sensitive. We say "you can't tell/ predict" whether info is sensitive -- for example we don't know how a future machine learning system will make sensitive inferences from data originally categorized as non-sensitive. From our PoV you have to realize the limits of anyone's ability to detect sensitiveness or vulnerability in advance.
Pete: I think we should remove sensitive information...
Jeffrey: the kinds of info people highlight e.g. cc numbers, identifiers... it's a little weird to say that all information is the same and you should treat it all as equally ssensitive.
Robin: it's valuable to say "system designers should not assume that info isn't sensitive"...
some debate
Don: example of landlord who wants to use a platform to help them make prejudiced decisions on who to rent to -- if you build in a set of safeguards in advance then a platform will fall back to using alternate data points to enable the prejudiced decision. This info also sensitive because of the anticipated follow-on reactions by the landlord and by the plaform that enables their decision.
Jeffrey: as way to cut bits out of the document - we should focus on saying surprising things. everyone agrees that CC, geo, are worth protecting... we could not mention it in the document.
Jeffrey: "Everyone agrees that some information is sensitive but in reality all information is sensitive."
Pete: i think we should cut the last section. "when considering..."
Robin: I will write the PR.
Jeffrey: I also added 418 to the backburner...
Pete: can we short term back burner?
Christine: is there a simple PR we could make?
we agree to just add the TAG for user agents
Jeffrey: does a PR
Robin: there is an open PR... PR416...
Dan: close 397 on that basis?
agreed
Christine: could we say "meaningful transparency"...?
Robin: I think we can back burner and add it to the list of things for when we take the UA related things out of the document after statement.
agreed
Robin: I think we have addressed this in the document... as discussed...
agreed to close
https://github.com/w3ctag/privacy-principles/pull/417/files
we take a look at it and agree to merge
https://github.com/w3ctag/privacy-principles/pulls
we agree to back burner