Open markvandertol opened 9 years ago
This attribute was something @npdoty brought up (towards the end of the geofencing section of the meeting notes of last years TPAC. I think the idea was that if a website doesn't need the exact location it shouldn't be asking for it, and that user agents could take the includePosition
attribute into account when deciding whether to grant permission for this specific geofence or not.
But having said that, I'm not sure how helpful this is going to be in practice.
Right, the idea was to encourage site developers that don't need precise location information to not ask for it, following the basic principle of data minimization.
I'm not sure if user agents will feel comfortable making a distinction (or a user-visible distinction) between requests that ask for the precise info or not, unless they're also going to use the size of the geo-fence to try to give users some assurance that a fence won't be precise.
When adding a GeofenceRegion to the GeofenceManager it is possible to specify the option
includePosition
. It is unclear to me what advantage it would yield when a webapp adds a new geofence with the option set tofalse
. There is no description why thePosition
attribute isn't added by default to theGeofenceEvent
. The location is known when you breach, so there shouldn't be high costs involved to just add that attribute to theGeofenceEvent
.Is it a security/privacy consideration? The spec only mentions a permission related to geofencing at the moment, but should
includePosition
only be possible when the user also allows sharing of his location, since a Position has a higher accuracy than a geofence?