From 1b73051fee438603b454c0edb5484c6271542701 Mon Sep 17 00:00:00 2001 From: Ian Jacobs Date: Thu, 7 Mar 2024 15:50:22 -0600 Subject: [PATCH] Wondering whether a 1-pager would be useful. --- README.md | 5 ++++ glance.md | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 94 insertions(+) create mode 100644 glance.md diff --git a/README.md b/README.md index 4efe40a1..8229c0ae 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,11 @@ Experts we need input and review from: * TAG and PING chairs and team contacts * WhatWG steering board +## Deliverables + +* [Privacy Principles](https://w3ctag.github.io/privacy-principles/) +* [Privacy Principles for the Web at a Glance](glance.md) + ## Input documents * https://w3cping.github.io/privacy-threat-model/ diff --git a/glance.md b/glance.md new file mode 100644 index 00000000..7dfbc66d --- /dev/null +++ b/glance.md 
@@ -0,0 +1,89 @@ +# Privacy Principles for the Web at a Glance + +## Status + +This document is designed to be a very short summary of what a reader will find in [Privacy Principles](https://www.w3.org/TR/privacy-principles/). This document reflects no consensus. Ian Jacobs wondered whether it would be helpful. + +## Introduction + +The TAG's [Ethical Web Principles](https://www.w3.org/TR/ethical-web-principles/) state: + +> When we add features to the web platform, we are making decisions that +impact peoples' ability to control their personal data. The overall +goal of privacy on the web is served best when technology and law +complement one another. + +The [Privacy Principles](https://www.w3.org/TR/privacy-principles/) +Note (below called "the document") endeavors to establish shared +concepts as an aid to technical efforts to ensure privacy on the +web. It may also be useful in pursuing alignment with and between +legal regulatory regimes. + +## The Privacy Challenge + +The collection and processing of information in greater volume, with +greater precision and reliability, with increasing interoperability +across a growing variety of data types, and at intensifying speed is +leading to a concentration of power that threatens private and public +liberties. What's more, automation and the increasing computerisation +of all aspects of our lives both increase the power of information and +decrease the cost of a number of intrusive behaviours that would be +more easily kept in check if the perpetrator had to be in the same +room as the victim. An appendix in the document identifies a full set +of high-level threats that inform the subsequent guidance. + +The principles in this document provide guidance to address these +challenges. 
The principles build on some concepts and terminology +introduced in the first half of the document, such as: **asymmetry** +(the imbalance of power between end users), **privacy labour** (the +effort individuals must exert in order to protect their privacy), +**surveillance** risks, the increased **vulnerability** of some +populations to privacy threats, and **collective privacy** (e.g., +revealing information about group membership). An appendix of "common +concepts" seeks to bolster shared understanding of the model behind +the principles. + +Importantly, the document makes explicit assumptions about browser +duties with respect to the user: protection, discretion, honesty, and +loyalty. The principles assume that the browser (or other user agent) +will act as a trustworthy agent on the user's behalf. + +## The Principles + +The document lists 30 general principles in the following categories: + +* Identity on the Web +* Data Minimization +* Information access +* Sensitive Information +* Data Rights +* De-identified Data +* Collective Privacy +* Device Owners and Administrators +* Protecting web users from abusive behaviour +* Purpose limitation +* Transparency +* Consent, Withdrawal of Consent, Opt-Outs, and Objections +* Notifications and Interruptions +* Non-Retaliation +* Support Choosing Which Information to Present + +Each principle is accompanied by explanatory material, examples, and +guidance for how to adhere to the principle. + +Here are some examples: + +* A user agent should help its user present the identity they want in + each context they are in, and should prevent or support recognition + as appropriate. (Identity on the Web) + +* Sites, user agents, and other actors should restrict the data they + transfer to what's either necessary to achieve their users' goals or + aligns with their users' wishes and interests. (Data Minimization) + +* System designers should not assume that particular information is or + is not sensitive. 
Whether information is considered sensitive can + vary depending on a person's circumstances and the context of an + interaction, and it can change over time. (Sensitive Information) + +The document includes a summary of all of the principles.
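Review bot: the two new Deliverables entries in the README hunk point at different editions of the same document: the first links the editors' draft at https://w3ctag.github.io/privacy-principles/, while glance.md, added in this same patch, consistently cites the published Note at https://www.w3.org/TR/privacy-principles/. Pick one as canonical, or label the README entry so readers know which they are getting, e.g. `* [Privacy Principles](https://w3ctag.github.io/privacy-principles/) (editors' draft)`. Since glance.md opens by stating that it "reflects no consensus", a matching qualifier on its README entry (e.g. "(draft, no consensus)") would avoid presenting it as a finished deliverable alongside the Note.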
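Review bot: the gloss on **asymmetry** in the glance.md concepts paragraph is incomplete: "the imbalance of power between end users" names only one side of the imbalance, so the sentence never says whom end users are at a disadvantage against; complete the parenthetical with the other party (the sites or other actors processing their data, if that is how the Note defines it) before this is merged, since this one-pager is meant to stand in for the full text. Three smaller points in the same hunk: the hard-coded figure in "The document lists 30 general principles" will go stale silently as the Note is edited, and because the closing line already says the Note "includes a summary of all of the principles", linking to that summary and dropping the number (or dating the count) is more maintainable; the category list mixes title case and sentence case ("Data Minimization", "Information access", "Purpose limitation", "Protecting web users from abusive behaviour"), so align it with the Note's own section titles so readers can search for them; and only the first line of the Ethical Web Principles quotation carries the `>` marker, with the remaining lines relying on lazy continuation, so prefix every quoted line with `>` to make the extent of the quote unambiguous in the source.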