Closed NalaGinrut closed 2 months ago
BTW, this is my personal opinion as the reviewer. And the opinions are possibly aligned in the futures discussion within the PING. Depends on situations.
Hi @NalaGinrut, thank you for the comment.
As we said in the call, this is an example of a specific threat that came up during some brainstorming about what might be important to remember. Indeed, I think it's a nice example of data minimization.
The term "minimally" is to be understood as "at the very least, at least," if you have other terms welcome, please tell me here so I can prepare a PR.
The coordination part is an element of the template that we can emphasize if you want. Anyway, doing the work first is one of the reasons I started publishing the Threat Model.
@simoneonofri Thanks for the feedback!
As I said, the minimalism
in a charter, specifically, may unintentionally imply an improper lowest bar for the newbies or people passing by. So the simplest solution is just to remove it. Say, 'privacy' may refer to ...
and let people find the more formal answer in privacy principles.
It's great appreciated if you could emphasize the privacy self-review first
which is a good way to show the attitude for newbies or people passing by.
Hope this is the minimalism work you could spend time to fix. ;-) Thank you very much!
@NalaGinrut @jyasskin
Again, thank you for the comment and discussion.
PR follows in response to the PING Comment:
Coordination: added the "self-review first". https://github.com/w3c/charter-drafts/pull/539
Feel free to approve or modify.
[cc'ing: @hlflanagan @wseltzer @timcappalli @marcoscaceres @samuelgoto @timcappalli]
I'm fine with the proposed changes.
LGTM++
I LGTM-ed all of the following PRs:
Thanks for putting this together @simoneonofri !!
LGTM3
I merged the PRs. Thank you all
Hi fedid folks! I'm the PING reviewer to help you on improving the privacy considerations. I took weeks to figure out what the group is focusing on, so please correct me if I failed to understand something correctly.
The privacy review principle We follow the exiting privacy principles, specifically, the information flow and individual autonomy.
Here're some parts could be improved:
Here, 'privacy' minimally refers to the appropriate processing of personal information and preventing third parties from unnecessarily learning anything about the end-user's environment (e.g., which wallets are available, their brand, and their capabilities).
My concern here is the word "minimally". Although I guess the word here is to set a lowest-bar, I still hope you could find a better word instead, or just remove it. Because if the charter set the lowest-bar explicitly, people may just follow the minimal way, which is far from the general privacy consideration.
Specific topics out of scope
May I ask these topics are unrelated to the group? Or related but not key things in the group? For later, is there any consensus about the division of responsibilities when there's privacy issues in the future?
In Coordination section
Before seeking the horizontal review, it's better to self-review first, this may save a lot of time for both. It's appreciated if you could mention it.
Thanks!
cc @pes10k @jyasskin