AutoSponge
commented
5 months ago @torgo Really great content here. So many gems. I'd like to offer something that I didn't find in the document but that I think will help support other principles. It could be a separate principle (Data Minimization?) or augment "enable or disable ancillary APIs". Essentially:
(user agents) (API designers) Global opt-out and lack of consent should be indistinguishable to any website from a user agent that is not capable of presenting its user an opt-in or choice to consent.
The wording is difficult and it could even be "softer" and I'd feel it was addressed. Have the ability to globally opt-out could be used against early adopters to fingerprint them, among other groups. I'd like to see something that supports those "most vulnerable" folks. What do you think?
Thanks!
matatk
In the issue title above add the document name followed by the date of this request, then the date of your proposed deadline for comments.
name of spec to be reviewed: Privacy Principles
URL of spec: https://www.w3.org/TR/2024/DNOTE-privacy-principles-20240226/
Current Rec/Note phase? wide review prior to Statement
What and when is your next expected transition? from Note to Statement.. sometime this Summer
What has changed since any previous review? First formal accessibility review
Please point to the results of your self-review: I think this document does not appear to fit into any of the categories listed in the self-review, however I am happy to revisit if I'm wrong.
Where and how to file issues arising? Please fils issues on our repo https://github.com/w3ctag/privacy-principles/
Pointer to any explainer for the spec? I don't think this is applicable
Other comments: We are in new territory here regarding wide review of statement track documents so please feel free to let me know if you'd prefer to this review request to come in another form.