Closed erosman closed 5 months ago
The statement is confusing. But Extension Store Policy is out of scope in WECG. (I added it in charter.md)
As @hanguokai mentioned store issues are out of scope for this group and should be raised with the individual companies.
The proposal was to define what is considered "data collection by extensions".
(I added it in charter.md)
Was it not added to the scope?
Data collection is a concept that is enforced by individual stores, not the WebExtensions platform.
@hanguokai created this PR to reflect consensus from browser vendors on what topics they considered of if scope for the group. If you follow the PR link, @hanguokai links back to a comment by @xeenon on another issue where he summarized consensus reached during meeting discussion.
Privacy Policy and Data Collection
IMHO, the policy would benefit from further clarification as the current wording e.g. "collect" (both on AMO & Chrome web-store) can be misunderstood by the users and developers.
Please consider the following scenarios. There is a difference between "stored" and "collected". In the 2nd & 3rd cases, using the word "collected" is cause for misunderstanding as the extension does not collect user data.
A Password utility extension that stores data remotely
In this case, user data is "collected", sent and stored on a 3rd party site associated with the extension. In fact, any extension that stores user data remotely anywhere associated with the extension, must clearly state so.
A Password utility extension that stores data locally
In this case, user data is not "collected", and not sent and stored on a 3rd party site associated with the extension. The data remains in the browser and is removed if the extension is uninstalled. The extension merely facilitate sending password that user has entered, to the site that user has selected.
A Proxy extension with authentication
Similar to above, data is stored only in the browser and is removed once extension is uninstalled. Extension simply facilitate sending password that user has entered, to the proxy server that user has selected.