The spec currently reveals monitor labels to sites through getScreenDetails. As the spec notes, this has a very high privacy risk for reidentifying people. I think thats true in the case the spec identifies (i.e., a serial number in the device label), but I think its probably true even if there are no serial numbers included (the number of people who are using any two specific kinds of different monitors is going to be very small as a % of web users, and i bet you're close to a unique identifier if someone is using three or more monitors).
The spec should either specifically descibe how implementors should "sanitize" device labels so that they are not privacy harming, or otherwise address the high risk of re-identification here
This issue is being filed as part of the requested PING privacy review #106
The spec currently reveals monitor labels to sites through
getScreenDetails. As the spec notes, this has a very high privacy risk for reidentifying people. I think thats true in the case the spec identifies (i.e., a serial number in the device label), but I think its probably true even if there are no serial numbers included (the number of people who are using any two specific kinds of different monitors is going to be very small as a % of web users, and i bet you're close to a unique identifier if someone is using three or more monitors).The spec should either specifically descibe how implementors should "sanitize" device labels so that they are not privacy harming, or otherwise address the high risk of re-identification here