sandandsnow
commented
2 years ago This is a tricky issue. Just as we don't want sites out there being security vulnerable, we don't want them to be privacy vulnerable. A bad privacy design or implementation should not be supported just because there are sites that depend on that implementation, irrespective of whether there is an alternative. I understand transitions can't always be quick and they may not be easy, and a smooth way forward is the goal, but I don't want legacy to be an obstacle to better privacy design.
jyasskin
torgo
This came up in some discussion around the draft Privacy Principles. We want to evolve the web toward improved privacy, and we're trying to write down the principles that guide new APIs to do what we want, and the removal of old APIs that don't do what we want. At the same time, we can't break the Web, and shouldn't break websites' valid use cases until we've developed replacement APIs and they've had adequate time to migrate.
I'd like to write down a principle saying that, even if one of the other principles (probably in the Ethical Web Principles, Privacy Principles, or a similar document) changes to advise against some existing API, that folks don't have to worry that browsers are going to break them immediately.
I speculate that this document is the right place to put such a principle since it guides API evolution. I'm happy to draft the text once y'all confirm that or suggest a different place.